Posted on 12/01/2004 2:32:40 PM PST by holymoly
Microsoft published a patch for Internet Explorer on Wednesday, aiming to close a month-old hole that has been used by viruses to spread and by an ad banner attack to compromise PCs.
The vulnerability, dubbed the Internet Explorer Elements flaw by Microsoft, had previously been called the iFrame vulnerability. The issue--which does not affect Microsoft's major Windows XP security update, Service Pack 2--could allow an attacker to take control of a victim's PC, if the user is logged on as an administrator. Most home users tend to log onto Windows as administrators.
A Microsoft representative said the software giant had released the update before its next scheduled patch day, Dec. 7, because it had already been used by malicious software to compromise Windows users' PCs.
"That's one of the things that we factor in--when the customers are affected or there are active attacks," said Stephen Toulouse, security program manager at Microsoft's security response center.
An attacker can use the vulnerability to gain control of a person's computer when the victim clicks on a simple Web link. The attacker would then have complete control of the system, and could install programs, view, modify or delete data and create new accounts.
The patch arrived more than a month after news of the vulnerability was first posted on public security mailing lists. The move garnered criticism from Microsoft, which has led a drive to convince security researchers to give software makers at least 30 days to fix issues before outing the problem in public forums.
If you have XP Service Pack 2 already installed, dont worry about it. (that big 80 mb update a couple months ago)
Yes, before everyone tries to download this patch, be aware that is is only for people who did not update to SP2.
I updated to SP2 and it ate my Norton virus protection. I can't install the new 2005 version because of a conflict somewhere. Anyone else having similar problems? Suggestions? Because of it I've picked up a virus. I plan on spending whatever time necessary on the phone with Symantec tomorrow.
Yes, some bozo at work bought Norton Internet Security 2005 and tried to load it on Win98. I have been screwing around with it for weeks. I have been working with Haji in Symantec Jakarta, but he might have been killed by Muslim guerillas as my latest email has gone unanswered.
Personally, anything over Norton Anti Virus is a waste if you are behind a corporate firewall...
Note, that Symantec will conflict with the XP firewall settings in the SP2 upgrade.....I received a screen asking to turn off the Windows and turn on the Symantec.
Thank you BK.
Maybe I missed that screen when I downloaded SP2. I'm using the 2005 antivirus program (it was the latest version available). But when I try to install it on XP Home I get a screen that says: WINRAR Self-extracting archive: NV11ESD.exe - ordinal not found," plus some other (to me) gibberish. I tried a new download from Symantec and another installation but same deal.
Also, you might have to do a clean boot before installing....
to go Run, enter MSCONFIG, and check off all the programs that load at startup. Also, did you UNINSTALL NAV2004 or your previous version?
NOT It's faster for some people on some machines.I have both installed on two machines and it opens slower on both of them.I've also noticed that when you first install it it's quite a bit faster, then after you start adding plug-ins and extensions it slows it down .HOWEVER if you're using the tabbed browsing feature to bounce around between a half dozen or so websites there's nothing IE can do that even comes close.It's also much more resistant to spyware and pop-ups than IE.BTW IE running on XP SP2 blocks pop-ups pretty damn good all by itself
Easiest way to get the updates is as follows:
From the menu at the top of Internet Explorer
1. Click on TOOLS
2. Click on WINDOWS UPDATE
You will be taken to the microsoft site.
3. Click on SCAN FOR UPDATES
4. Install the updates related to Internet Explorer and Windows Media Player (these are the most recent service pack updates).
If you have not done this in a while, there may be more you will want to select. Some have to do with languages, etc. that you probably don't need even though they are offered.
After installation, your computer will reboot. Say YES. When it comes back on, you are up to date.
If you have FireFox, you don't get to do this.
Maybe so, but IE is full of problems and comes from Microsoft.
Get rid of Norton (and any Symantec products for that matter) and download a copy of AVG Anti vrius. It's free and beats the p!$$ out of Norton. My machine loves it. Norton was such a hog. There is also a Pro version you can buy but the free version does the trick nicely...and it has regularly updated definitions that can be set up to download automatically at certain hours of the day.
Thanks Karl. I'll give all this a go tomorrow and report back.
Correction:
If you have Firefox, you don't need to do this.
Browser Ping
IIRC, the stand-alone Metaframe client is much faster. It's what I used when I needed remote access to the Windows infrastructure in the server room at work.
Define runs slower? do you mean load slower, draws pages slower??? Do you pre load it into memory so that its always resident (ie does this by default, firefox does not).
www.grisoft.com - download the free version. It's excellent.
Ya, I'd agree that the stand-alone client is a better solution. Added plus: it seems to like my linux box just fine.
Yesterday, while playing with my 'terminal server client', (Fedora core2) I found that it had native support for the ica protocol. (which is what citrix uses). Excellent!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.