Computer Tips -Tech Info

Tag: IE

  • IE exploit unofficial patches

    While we wait for Microsoft to release a patch for the MOST recent Internet Explorer vulnerability….. it looks as though MS is “planning” to release a patch on their routine patch day of April 11th. (However they could always change their mind…) As before though there are some 3rd party patches. I’ve got to say I’m slightly uncomfortable with the prospect of a third party patch when there are workarounds (use another browser, disable active scripting….) However, for some those aren’t enough options. I know of two unofficial patches.

    (more…)

  • 1000th article

    It seems I posted the 1000th article yesterday with the note on the recent IE vulnerability. (I wonder how many articles out of the 1000 were about IE vulnerabilities???) Anyway, nice round numbers like that are interesting to note as milestones. I haven’t been doing much in the way of updates for a bit and there are a couple of reasons. One was the great trauma with the internet connection that I’ve previously described…. what’s interesting about that….

    (more…)

  • Another critical IE flaw

    I should mention a fairly big Windows vulnerability (which involves active scripting). Apparently there are proof-of-concept exploits circulating that do innocent things like open up the calculator. Unfortunately, once exploits are out that can do this, it’s trivial for them to do worse. The bottom line is, be careful what sites you visit, beware of “driveby downloads” using this tactic consider alternative browsers until you’re patched. (Although in reality, with IE’s integration in Windows, it’s hard to be completely safe this way with other apps using IE to view html objects….)

    (more…)

  • Google Pack

    Google has announced Google Pack available for download It sounds as though there’s a nice bundle of Google (and non-google software) included (Google Desktop, Earth, Picasa, Toolbar for IE, Google Pack Screensaver, Acrobat reader, Norton Antivirus 6 month trial, AD-aware SE personal, firefox with google toolbar.) It sounds as though there is an update manager that can keep all the “google pack” components updated and there are rumors of other applications being made available in the not so distant future (OpenOffice for instance.)

    (more…)

  • WMF exploit and Windows 98

    Most of the talk on the WMF zero-day has centered on Windows XP, 2000 and 2003. The unofficial patch is available for those three platforms. Microsoft’s (eventual) patch will likely be for those as well. Incidents.org had a comment in one of their posts that this would be a “watershed moment” for Windows 98/ME and that those users should upgrade immediately as there is little/no hope for a patch.

    (more…)

  • Another workaround for WMF exploit

    There are at least two other workarounds for the Windows Meta File (WMF) exploit that I’ve been looking into this afternoon. These from sunbelt blog.

    First up…

    2. Change file associations for WMF files.
    An equally ugly fix (but perhaps preferable) is to do the following:
    1. Go to My documents, Tools, Folder Options, File Types.
    2. Change WMF Image to notepad and select always open with this.
    Your WMF files will open in Notepad. Ugly, but it is a fix.

    (more…)

  • If the cumulitive IE patch fails to install

    This is related to MS05-054… According to Incidents.org it’s possible that this will not install (user submission of this). They also have a user submitted workaround…

    (more…)

  • Internet Explorer in standalone mode?

    Now, it can be useful to run several versions of the same program at the same time (especially if it’s a web browser.) I’ve accomplished this under linux with internet explorer, but didn’t realize there was a way to do so on Windows. Sunbelt blog found a good guide to installing Internet Explorer 7 beta 1 on a system without tampering with their (working) IE 6 install.

    (more…)

  • Two critical fixes from Microsoft on December patch Tuesday

    December’s rendition of Microsoft’s monthly Patch Tuesday will feature two critical security fixes. The malicious software removal tool will also be updated…

    Additionally, Microsoft will issue two non-security high-priority updates through Windows Update and Software Update Services, and three non-security high-priority updates through Microsoft Update and Windows Server Update Services. It is standard Microsoft procedure to not disclose the nature of the updates beforehand for security reasons.

    (more…)

  • Google tightens Google Desktop security to avoid IE bug

    Last week there was word of a bug in Internet Explorer that would allow users of Google Desktop to be vulnerable to having the files on their machine viewed from a malicious website. Today, there is news that Google has made changes on thier site that prevent that flaw from being exploited through their software.

    (more…)