Computer Tips -Tech Info

Tag: MSIE

  • IE 7 address bar spoofing issue

    Another issue was reported with the new IE 7 and confirmed by Microsoft. It seems that it’s possible for a malicious link to spoof the information in the address bar (make it look like you’re at a site that you’re NOT at.) Incidents.org gives the following possible workaround…

    As a quick workaround you may want to configure MSIE 7.0 to open new windows in a new tab. In order to do this, Tools -> Internet Options -> Tabs Settings -> When a pop-up is encountered: Always open pop-ups in a new tab.

  • Microsoft vulnerability whack-a-mole continues…..

    Translation – Microsoft patched one vulnerability another surfaces…. Incidents.org brings us the frustrating news….

    If you remember the month of browser bugs series of exploits back in July, there was a denial of service there that appears to have code execution after all. Coincidence or not, it got publicly released after the out of cycle Microsoft patch for MSIE.

    So…. here are the possible workarounds….

    (more…)

  • Wget user agent avoidance

    I use wget a LOT. Many times in working with a website I’ve got a ssh console opened to the site and if there’s a plugin that I’d like to download it doesn’t make sense to download and then upload, I want to just download it directly from xyz.com webserver to the website where it will be installed. However, many times people have set up rules to block wget downloads. Yes, I know people use wget to suck down entire websites, it uses up bandwidth, etc. etc. Well. Wget is capable of sending a different user-agent.

    (more…)

  • Another trackback spam storm overnight….

    All of the the swarms of trackback spam seemed to last an hour give or take a few minutes, so it does look kind of like “rent-a-bot” activity, lots of different IP addresses, trackback spam sites seem to have a common theme – the last batch was insurance type sites…. a sampling of about three or four found that they were all cloaked redirects for the same site/page …. http://www.finance-portal-online.com/insurance.php ALL are registered with moniker.com and all the insurance related domains being spammed (that I checked) redirect to the finance-portal-online.com site above which is registered to a “Bill Bilton” whose email is given as bill at top-support.net ….

    (more…)

  • Interesting spyware push download tactic…

    Incidents.org has another interesting post about a spyware site. One of the handlers ran across it while doing a search for an educational institution. (They’ve used a wildcard in the dns record so that they can get traffic to {fillinkeyword}.nastydomain.com) Anyway… the main page tries to install WinAntiSpyware2006FreeInstall.cab from WinSoftware Corporation, Inc. It gives the little ActiveX control popdown bar and insists that it must be installed to view the page properly. But that’s not the most interesting part…

    (more…)

  • More details on php exploit from last week

    Ok. I have a bit of time that I can sit down and get a little more detailed on what specifically happened late last week that shut the site down for a couple days.
    (more…)