The important thing is that there is a patch for IE 5 and 5.5. IE 6.0
shouldn't need a patch since this issue was identified quite a while back.
The Media Player launch is annoying but relatively harmless, since Media
Player apparently can't launch an .exe file. Are you getting the prompt to
save the file? If not, check your IE security and see what the iFrame
setting is
What I find interesting is that I'm running IE 6.0 on Win2K Pro and I
can't get figure out what IE setting is causing it to trigger the Media
Player launch. I've turned sounds back on and still don't get Media
Player.
> The bulletin only relates to IE 5 and 5.5 and has been superceded. Following
> the trail of bulletins out to the end, they still say they only apply to IE
> 5 and 5.5. I'm running IE 6.0 and still had Media Player launch because of
> the Mime code.
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 18, 2001 4:57 PM
> To: Exchange Discussions
> Subject: RE: New Virus / Worm ??
>
>
> It exploits the very dangerous iFrame vulnerability detailed at
> http://www.microsoft.com/technet/security/bulletin/ms01-020.asp. The one
> thing that article doesn't tell you is that the IE patch it describes does
> not block the ability of Office documents in an iFrame to launch
> automatically. What that means is that if you don't have Office macro
> security set high enough, the next attack could use a Word .doc macro to
> deliver its payload.
>
> > I just received an e-mail with this virus/worm. It appears to be not very
> > nice. I use the preview pane in Outlook and it automatically attempted to
> > launch the attachment. For once, I'm glad I had the new security features
> > in Outlook SR-1 that does not allow launching an .exe w/out saving it to
> the
> > hard drive first.
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
