[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] RE: Official IFRAME patch - make sure it installs correctly

To: "'Berend-Jan Wever'" <skylined@xxxxxxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] RE: Official IFRAME patch - make sure it installs correctly
From: "Rivera Alonso, David" <drivera@xxxxxxxxxxxx>
Date: Fri, 3 Dec 2004 10:11:20 +0100

Same happened to me.
I went to WindowsUpdate, patched it and run MBSA, who told it wasn't
patched. I had to download the .EXE and run again. After the reboot, MBSA
told I was safe.

-----Mensaje original-----
De: Berend-Jan Wever [mailto:skylined@xxxxxxxxxxxxxxx] 
Enviado el: jueves, 02 de diciembre de 2004 1:50
Para: full-disclosure@xxxxxxxxxxxxxxxx; bugtraq@xxxxxxxxxxxxxxxxx
Asunto: Official IFRAME patch - make sure it installs correctly


The IFRAME vulnerability has been patched, see
http://www.microsoft.com/technet/security/bulletin/ms04-040.mspx

*** Make sure you are patched after installing ***
I installed it using "Automatic Updates" (on Win2ksp4), rebooted and loaded
my InternetExploiter.html: IT STILL WORKED!!
Even though both "Automatic Updates" and
"http://windowsupdate.microsoft.com"; reported that I was patched!?!
I manually downloaded the exe and ran it, rebooted and now I'm finally
truely patched.

It might just have been a glitch on my system, but you might wanna check
anyway: InternetExploiter.html can still be downloaded from my website.

Berend-Jan Wever
<skylined@xxxxxxxxxxxxxxx>
http://www.edup.tudelft.nl/~bjwever
SkyLined in #SkyLined on EFNET





=============================
Este mensaje se dirige exclusivamente a su destinatario.
Puede contener informacion confidencial sometida a secreto profesional o cuya 
divulgacion
este prohibida, en virtud de la legislacion vigente. No esta permitida su 
divulgacion,
copia o distribucion a terceros sin la autorizacion previa y por escrito de 
Iberdrola.
Si ha recibido este mensaje por error, le rogamos nos lo comunique 
inmediatamente
por esta misma via y proceda a su destruccion.

This e-mail is intended exclusively for the individual or entity to which it is 
addressed
and may contain confidential or legally privileged information, which may not 
be disclosed
under current legislation. Any form of disclosure, copying or distribution of 
this e-mail
is strictly prohibited, save with written authorisation from Iberdrola.
If you have received this message in error, please notify the sender 
immediately by e-mail
and delete all copies of the message.
=============================

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] SUSE Security Announcement: cyrus-imapd (SUSE-SA:2004:043)
Next by Date: [Full-Disclosure] Gaim Festival Logoff Vulnerability <= 0.81 (1.03)
Previous by thread: [Full-Disclosure] SUSE Security Announcement: cyrus-imapd (SUSE-SA:2004:043)
Next by thread: [Full-Disclosure] Gaim Festival Logoff Vulnerability <= 0.81 (1.03)
Index(es):
- Date
- Thread