Microsoft Security Alert, here's where to go

  • pacelvi

    Oh I left parts out of my rant.

    I truly mean the words in the next sentence.

    What idiot approved the dialog box that basically says "This web site you haven't added to your Trusted Sites is at the moment wanting to get onto your network and write and read files.  We're not going to tell you which ones.  Will you let it"?

    Now I think I've scoured my zone settings for three days and don't think I have one remaining option at "Prompt". Will it ever go away?

  • manickernel

    Ok, I kinda hoped someone might discuss this but I now ask of you humbly with hat in hand....

    What ARE the implications of following the eEye registry modifications on workstation clients as follows:

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000566-0000-0010-8000-00AA006D2EA4}]
    "Compatibility Flags"=dword:00000400

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/hta]

    I know that this unlinks the adodb.stream function (if I am saying that right) on the local machine from IE, and removes the mime type for hta, but what are the possible ramifications?

    I have already done this for about 900 desktops, and no issues yet, but would like more information.

    Or am I just beta testing out here??

    And this may have been reported elsewhere, but SecFocus has news of a second vector for the recent vulnerability in this link
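
An added example, not part of the original thread: a small Python check that reads the text of a registry export from a workstation and reports whether the two changes quoted in the post above are in effect. The function names and the sample export are constructed for illustration; the CLSID, key paths and flag value are the ones in the post.

```python
import re

# CLSID, key paths and the 0x400 flag are the ones quoted in the post above.
CLSID = "{00000566-0000-0010-8000-00AA006D2EA4}"
COMPAT_KEY = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer"
              r"\ActiveX Compatibility" + "\\" + CLSID).lower()
HTA_KEY = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database"
           r"\Content Type\application/hta").lower()
KILL_BIT = 0x00000400

def parse_reg(text):
    """Parse .reg-style text into {key_lower: {value_name_lower: raw_data}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            name = line[1:-1]
            if name.startswith("-"):   # "[-KEY]" deletes a key, it does not define one
                current = None
                continue
            current = keys.setdefault(name.lower(), {})
        elif current is not None:
            m = re.match(r'^"([^"]*)"=(.*)$', line)
            if m:
                current[m.group(1).lower()] = m.group(2).strip()
    return keys

def audit(text):
    """Check one export; assumes it covers both key paths (e.g. HKLM\\SOFTWARE)."""
    keys = parse_reg(text)
    raw = keys.get(COMPAT_KEY, {}).get("compatibility flags", "")
    m = re.fullmatch(r"dword:([0-9a-fA-F]{1,8})", raw)
    flags = int(m.group(1), 16) if m else 0
    return {
        # Compatibility Flags is a bitmask: test the bit rather than equality.
        "adodb_stream_killbit": bool(flags & KILL_BIT),
        "hta_mime_removed": HTA_KEY not in keys,
    }

# Constructed sample: a workstation where neither change has been applied.
SAMPLE_UNPATCHED = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000566-0000-0010-8000-00AA006D2EA4}]
"Compatibility Flags"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/hta]
"""
```

Registry exports are normally saved as UTF-16, so decode the file before passing its text to `audit`.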


  • Karim

    pacelvi wrote:


    What idiot approved the dialog box that basically says "This web site you haven't added to your Trusted Sites is at the moment wanting to get onto your network and write and read files.  We're not going to tell you which ones.  Will you let it"?



    LOL!

    My favorite (and I have only seen this on Microsoft sites so far, including microsoft.com/security), is the XP SP2 dialog that says,

    The current site is trying to open a file that can have different security restrictions.  If you trust this site, proceed by clicking OK.

    The first time I saw this, I was like "WHAT file?!?!" and "Different security restrictions from WHAT?!?!"

    There's a point at which dumbing down the technical content of an error message makes it completely useless.  I call this the "Sad Mac" syndrome, after the little Sad Macintosh icon that comes on whenever the Mac has one of 27 billion possible hardware problems.  It's similar to the "Check Engine" light on some cars.

    Error messages we can expect to see in the future:

    "The current site is trying to do something that may or may not be malicious.  If you would like to proceed, click OK."

    "The server has sent content that could have ambiguous security ramifications for you, or possibly for those on your network.  If you believe the owner of this website to be an honest and forthright person of integrity, click OK to continue."

    "This web page contains content that could sometimes possibly be considered harmful, though not always.  Click Cancel to navigate away from this page, or click the 'I'm Feeling Lucky' button to proceed."

  • manickernel

    Just reading Karim above, and hoping someone might have replied to my post, and I got to thinking..(always dangerous)

    Now this is way, way out there. But at this point maybe way out is needed....

    Why couldn't Microsoft generate "trusted keys" similar to SSL keys. Any website that wants to take ActiveX beyond "safe" methods would need to register and get a key before IE would grant those methods. The critical thing here is keys could be revoked, so this is more than just "signing" them as is done currently.

    This takes part of the burden of determining a "trusted site" off the user.

    Ok, I have probably made an idiot of myself, but no more so than "open a file that can have different security restrictions" 

  • manickernel

    As PeterF posted over in the coffeehouse, Microsoft has released a critical update 870669 that essentially makes the same modifications removing adodb.streams from IE functionality as recommended by eEye.

  • Karim

    an·ti·cli·max [ àntī klī màks, àntee klī màks ] (plural an·ti·cli·max·es)
    noun 
    1. disappointing end after big buildup: an ordinary or unsatisfying event that follows an increasingly exciting, dramatic, or unusual series of events or a period of increasing anticipation and excitement

  • lars

    Karim wrote:

    I call this the "Sad Mac" syndrome, after the little Sad Macintosh icon that comes on whenever the Mac has one of 27 billion possible hardware problems.


    LOL

    /Lars.
