[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Potential Flaw in Internet Explorer Enhanced Security Configuration

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Potential Flaw in Internet Explorer Enhanced Security Configuration
From: Pieter Niessink <pieter@xxxxxxxxxx>
Date: Sun, 13 Jun 2004 23:00:49 +0200

Hey,

Microsoft introduced a new piece of software in Windows Server 2003 called Internet Explorer Enhanced Security Configuration. Its supposed to stop content which is a potential security risk from loading or being run.

Since its installed by default i have it running on my server too. When surfing with IE it seems to do its job alright. The problem is that if you leave your IE window open when the computer goes on screen-saver the content seems to load normally. Including banners, flash objects and applets which should be blocked. This can't be good, especially not on a server os.

Has anyone else seen this, or is it a known problem ?

Kind Regards,

Pieter

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] Visual Captchas AKA Word Verification Systems
Next by Date: Re: [Full-Disclosure] !! Internet Explorer !!
Previous by thread: Re: [Full-Disclosure] Visual Captchas AKA Word Verification Systems
Next by thread: [Full-Disclosure] Infosec News Blog
Index(es):
- Date
- Thread