Does anyone know why Microsoft does not have this patch available for XP (no SP) running IE6 ? I know this system is vulnerable to the IFRAME exploit as I tested it.
Bill ----- Original Message ----- From: "Berend-Jan Wever" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Wednesday, December 01, 2004 8:49 PM Subject: [Full-Disclosure] Official IFRAME patch - make sure it installs correctly > The IFRAME vulnerability has been patched, see http://www.microsoft.com/technet/security/bulletin/ms04-040.mspx > > *** Make sure you are patched after installing *** > I installed it using "Automatic Updates" (on Win2ksp4), rebooted and loaded my InternetExploiter.html: IT STILL WORKED!! > Even though both "Automatic Updates" and "http://windowsupdate.microsoft.com"; reported that I was patched!?! > I manually downloaded the exe and ran it, rebooted and now I'm finally truely patched. > > It might just have been a glitch on my system, but you might wanna check anyway: InternetExploiter.html can still be downloaded from my website. > > Berend-Jan Wever > <[EMAIL PROTECTED]> > http://www.edup.tudelft.nl/~bjwever > SkyLined in #SkyLined on EFNET > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
