dso exploit

David

Distinguished
Apr 1, 2004
2,039
0
19,780
Archived from groups: microsoft.public.windowsxp.newusers (More info?)

When i run spybot s&d on the administrator logon screen
it shows the exploits have been given the ms fixes, but
when i run it on he users screen (logon) it dont show but
three of them and fails to show the ms fixes. I am pretty
sure it has to do with how i have the browser set but i
cant find it myself. it also shows spyware on the user
logon after running on the admin logon. can any lead me
to the ans to this problem? thanks
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.newusers (More info?)

david said in news:20bbd01c4599c$edaaa3d0$a501280a@phx.gbl:
> When i run spybot s&d on the administrator logon screen
> it shows the exploits have been given the ms fixes, but
> when i run it on he users screen (logon) it dont show but
> three of them and fails to show the ms fixes. I am pretty
> sure it has to do with how i have the browser set but i
> cant find it myself. it also shows spyware on the user
> logon after running on the admin logon. can any lead me
> to the ans to this problem? thanks

http://snipurl.com/7a8s

Since the registry change is under the HKEY_CURRENT_USER hive, it
applies only to the currently logged on user. You will have to make the
same change for each user (by finding the matching registry key under
HKEY_USERS or logging onto each user account and making the registry
change).

--
____________________________________________________________
*** Post replies to newsgroup. Share with others.
*** Email domain = ".com" *AND* append "=NEWS=" to Subject.
____________________________________________________________
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.newusers (More info?)

Greetings --

The DSO exploit was patched long ago by IE Cumulative Update
MS02-015, in March of 2002. If you've installed this specific patch,
or any subsequent IE Cumulative Updates, or Service Pack 1, you're
safe. It would appear that the latest version of Spybot S&D is only
checking for Internet zone settings in the registry that could be used
as work-around protection, and not for the presence of any corrective
patches. Hopefully, the makers of Spybot will soon fix this bug.

MS02-015 March 28, 2002 Cumulative Patch for Internet Explorer
http://support.microsoft.com/default.aspx?scid=kb;EN-US;319182

If you like, you can test your system for this particular
vulnerability at this web site:
http://www.greymagic.com/security/advisories/gm001-ie/

The makers of SpyBot S&D have acknowledged the problem and will
fix it on their next update:
http://www.safer-networking.org/index.php?page=paragraphs&detail=currentfaqs


Bruce Chambers
--
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH


"david" <anonymous@discussions.microsoft.com> wrote in message
news:20bbd01c4599c$edaaa3d0$a501280a@phx.gbl...
> When i run spybot s&d on the administrator logon screen
> it shows the exploits have been given the ms fixes, but
> when i run it on he users screen (logon) it dont show but
> three of them and fails to show the ms fixes. I am pretty
> sure it has to do with how i have the browser set but i
> cant find it myself. it also shows spyware on the user
> logon after running on the admin logon. can any lead me
> to the ans to this problem? thanks