From: "Richard M. Smith" <[EMAIL PROTECTED]> > Has anyone looked into this new Xupiter toolbar to see how it is being > installed on people's computer? In particular is it using some IE > security hole for the install or does it just use the standard ActiveX > drive-by download mechanism?
It is a standard signed ActiveX component, you have to EXPLICITLY accept installation. It is not using any security holes for installation, and it will only auto-install if you have set your security settings to the absolute MINIMUM. The only culprit here is user stupidity. There is no such thing as a "standard ActiveX drive-by download mechanism", that term is utterly FUD. Regards Thor Larholm _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
