FIXIT MENU:
home about us contact us

WHAT'S AVAILABLE:
free scripts advanced scripts online tools great books web related tutorials contributed tutorials news archive geek toys!

SUPPORT:
help forum live chat help



Selected article

RSS feed   enewsbar Live Subscribe    Add to MyYahoo    Add to Google

Other HTMLfixIT articles:




by Franki

Well, that didn’t take long did it? The first bug in IE that has come out after SP2, and that Service Pack 2 for Windows XP doesn’t fix has been found.

Secunia.com has found a new “highly critical” flaw in Internet Explorers “drag and drop” system that allows a malicious site to put an executable file onto the users file system, or as they put it:

“The vulnerability is caused due to insufficient validation of drag and drop events issued from the “Internet” zone to local resources. This can be exploited by a malicious website to e.g. plant an arbitrary executable file in a user’s startup folder, which will get executed the next time Windows starts up.
http-equiv has posted a PoC (Proof of Concept), which plants a program in the startup directory when a user drags a program masqueraded as an image.”


The Inquirer has reported this as well.

Secunia’s advice on how to work around the problem is:
“Disable Active Scripting or use another product.”

Since disabling Active Scripting essentially disables IE for many sites, the second option is the one I’d recommend. (big surprise I know. 🙂 ) My suggestion is as always, to install Firefox for Windows, and get off the security flaw round about. (It’s better, and it’s free. So I put it to you that if your reading this page with Internet Explorer, your showing a pretty serious lack of respect for your own files and data, not to mention your time.)

Regards

Franki








Comments are closed.







This site is totally free to use, you have absolutely no moral or legal obligations to help us continue.
There are however, some costs involved in running the site.

<random humor>
Plus Franki is trying to keep his boat floating.
</random humor>

So if this site helped you find your way, perhaps you could consider contributing to our costs. Whatever amount you feel this site was worth to you would be just wonderful.
Use PayPal if you do decide to share and help us with the costs and in appreciation for our time and attention, or alternatively buy a book from our Bookstore..


  Time  in  Don's  part  of the world is:   March 28, 2024, 4:09 pm
  Time in Franki's part of the world is:   March 29, 2024, 5:09 am
  Don't worry neither one sleeps very long!



privacy policy :: support us :: home :: live chat help
contact us :: forum ::tutorials :: bookstore :: Site Map



      Valid XHTML 1.0!             powered by Apache Server
Pic 3 Pic 3

SEARCH:
USEFUL LINKS:

CIGHTML Firefox Thunderbird ClamWin WordPress SpyBot S&D TheGIMP Apache for Windows Registry Cleaners More cool stuff:

//-->

HTMLfixIT Site Stats.

Browser Statistics
Internet Explorer 85.88%
IE 717.63%
IE 62.3%
IE 50.00%
IE other8.6%
Moz Firefox 3.x3.03%
Moz Firefox 2.x0.18%
Moz Firefox 0.x/1.x26.65%
Netscape 8.x0.00%
NS 6+/Mozilla2.73%
Moz Seamonkey0.00%
K-meleon0.00%
Epiphany0.00%
Netscape 4.x0.00%
Opera 9.x0.00%
Opera 8.x0.00%
Opera 7.x0.42%
Opera 6.x0.00%
Opera other0.42%
Safari Mac/Intel5.21%
Safari Mac/PPC0.06%
Safari Windows25.2%
Google Chrome1.51%
Konqueror0.18%
Galeon0.00%
WebTV0.00%


Resolution Statistics
640 x 4800.25%
800 x 60026.14%
1024 x 76836.55%
1152 x 8640.25%
1280 x 80011.68%
1280 x 8540.00%
1280 x 102417.01%
1400 x 10500.00%
1600 x 12001.02%
1920 x 12007.11%
2560 x 10240.00%


OS Statistics
Windows 741.55%
Windows Vista2.4%
Windows 20033.91%
Windows XP20.86%
Windows 20000.36%
Windows NT40.05%
Windows 98/ME0.05%
Windows 950.00%
Linux/UNIX/BSD8.76%
Mac OSX8.03%
Mac Classic0.00%
Misc14.03%



New Windows Virus Alerts
also by sophos.

17 Apr 2011 Troj/Mdrop-DKE
17 Apr 2011 Troj/Sasfis-O
17 Apr 2011 Troj/Keygen-FU
17 Apr 2011 Troj/Zbot-AOY
17 Apr 2011 Troj/Zbot-AOW
17 Apr 2011 W32/Womble-E
17 Apr 2011 Troj/VB-FGD
17 Apr 2011 Troj/FakeAV-DFF
17 Apr 2011 Troj/SWFLdr-W
17 Apr 2011 W32/RorpiaMem-A

For details and removal instructions, click the virus in question.