Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: Unofficial Internet Explorer FRAME/IFRAME fix
From: Thomas Rogg <tr-lists () cherryware de>
Date: Fri, 12 Nov 2004 17:22:12 +0100

Hello Raoul,

But I do not believe that $2,50 is a ridiciously high amount, is it?

But I do not believe that pay $0, get Firefox and do not worry about next (and unpatched previous) IE issues is worse decision :)

Yeah, sure. But there are always other programs that use the Internet Explorer engine to display their HTML pages. See the website for the other reasons (http://www.cherryware.de/framefix/).

Seems that your patch is merely replacing original MSHTML.DLL with one extracted from XP SP2, is it?

Have you looked at the website (http://www.cherryware.de/framefix/)? This is not the case and I'm sure Microsoft wouldn't like that at all. Also, I'm sure there would be problems when trying that with 2000.

FYI, the patch does just-in-time patching. It installs a system-wide callback which is called whenever a module is loaed. When the mshtml module loads, the patch is inserted into the correct place, by replacing 5 bytes of code with a CALL to the patch code, which is inserted in a block created by VirtualAlloc with execute flags.

BTW, to show that the program isn't scam, as some people seem to think, I have wrote down 25 one-time reference IDs on the website to allow 25 people to download and try the patch.

That's all.

-- Thomas

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]