Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: Official IFRAME patch - make sure it installs correctly
From: "Rivera Alonso, David" <drivera () iberdrola es>
Date: Fri, 3 Dec 2004 10:11:20 +0100


Same happened to me.
I went to WindowsUpdate, patched it and run MBSA, who told it wasn't
patched. I had to download the .EXE and run again. After the reboot, MBSA
told I was safe.

-----Mensaje original-----
De: Berend-Jan Wever [mailto:skylined () edup tudelft nl] 
Enviado el: jueves, 02 de diciembre de 2004 1:50
Para: full-disclosure () lists netsys com; bugtraq () securityfocus com
Asunto: Official IFRAME patch - make sure it installs correctly


The IFRAME vulnerability has been patched, see
http://www.microsoft.com/technet/security/bulletin/ms04-040.mspx

*** Make sure you are patched after installing ***
I installed it using "Automatic Updates" (on Win2ksp4), rebooted and loaded
my InternetExploiter.html: IT STILL WORKED!!
Even though both "Automatic Updates" and
"http://windowsupdate.microsoft.com"; reported that I was patched!?!
I manually downloaded the exe and ran it, rebooted and now I'm finally
truely patched.

It might just have been a glitch on my system, but you might wanna check
anyway: InternetExploiter.html can still be downloaded from my website.

Berend-Jan Wever
<skylined () edup tudelft nl>
http://www.edup.tudelft.nl/~bjwever
SkyLined in #SkyLined on EFNET





=============================
Este mensaje se dirige exclusivamente a su destinatario.
Puede contener informacion confidencial sometida a secreto profesional o cuya divulgacion
este prohibida, en virtud de la legislacion vigente. No esta permitida su divulgacion,
copia o distribucion a terceros sin la autorizacion previa y por escrito de Iberdrola.
Si ha recibido este mensaje por error, le rogamos nos lo comunique inmediatamente
por esta misma via y proceda a su destruccion.

This e-mail is intended exclusively for the individual or entity to which it is addressed
and may contain confidential or legally privileged information, which may not be disclosed
under current legislation. Any form of disclosure, copying or distribution of this e-mail
is strictly prohibited, save with written authorisation from Iberdrola.
If you have received this message in error, please notify the sender immediately by e-mail
and delete all copies of the message.
=============================

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]