Results 1 to 4 of 4

Thread: Security hole in IE

  1. #1
    Junior Member
    Join Date
    Nov 2005
    Posts
    1

    Red face Security hole in IE

    I recieved message stating there was a security hole in IE allowing websites to execute code without asking me first. What should I do to correct this.

  2. #2
    Member
    Join Date
    Oct 2005
    Posts
    44

    Default

    Curious, where did you recieve this message from?...SSD?

    If from SSD, could you post a copy of the item in question?

    You gave no detail for anyone to ref. Without some detail we have no way other than clairvoyance to determine what you mean.

  3. #3
    Junior Member
    Join Date
    Nov 2005
    Posts
    3

    Default

    One major security hole comes to mind, but I'm sure there are more.

    There is a way for a website to use IE to create a text file on your machine. This text file would contain what seems like a random bunch of characters, if you were to look at it in a text editor. However, when this text file is renamed (to some form of ".exe") and executed, it contains the right 1's and 0's to be an actual executable file. Normaly, this file is used to download the files that will actually do the damage. (This hole involves using a built-in ActiveX object that's should only be able to create text files. However, the difference between a text file and an executable file can be very minimal, if the right 1's and 0's are in the correct place.)

    Another possible hole involves extremely long URLs with a certain sequence of characters.

    I believe both of these holes have been patched up by Microsoft. So, go and update IE or start using Firefox. (For the first hole I mentioned, you can also disable ActiveX objects for sites that you don't trust.)

    As mikey put it, we'll need more info. So, post that here as well. Where did you receive this message? Was it from S&D or was it some website popup? (There are some unscrupulous operators out there with advertisements that seem like legitimate warning messages.)

  4. #4
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,474

    Default

    GYPSYGRANNY
    As Mikey said;, more information is needed, meanwhile you can take a look at these links for security tips.

    So how did I get infected in the first place? By Tony Klein

    Windows Security
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •