Your Ad Here Your Ad Here
Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Dso Exploit - Security Hole

  1. #1
    Superannuated
    Join Date
    May 2003
    Posts
    276
    I have done a Spybot scan... and it returned an entry called DSO Exploit. It looks like 1 entry, although it is a root file with a tree, that branches down into five entries. Anyway, I select to fix the problem, and Spybot says it has fixed it... although the entry is still there. It gives information on the right side of the screen which says this:

    -----------------------------------------------------------------------------------------------

    Company: Microsoft
    Product: Internet Explorer
    Threat: Security hole

    Company URL:
    http://www.microsoft.com/
    Company product URL:
    http://www.microsoft.com/windows/ie/
    Company privacy URL:
    http://www.microsoft.com/info/privacy.htm

    Description
    There's a security hole in IE allowing websites to execute code without asking you first. You can find more information at http://security.greymagic.com/adv/gm001-ie/

    -----------------------------------------------------------------------------------------------

    Anyway, I go the greymagic website it suggests to find out more info. and what I can do, although it doesnt give any instructions on how to repair this. Any help from anyone would be greatly appreciated.

    Thanks.
    "Maybe this world is another planet's Hell." - Aldous Huxley (1894-1963)

    "Never interrupt your enemy when he is making a mistake."
    - Napoleon Bonaparte (1769-1821)

    "Where a calculator on the ENIAC is equipped with 18,000 vacuum tubes
    and weighs 30 tons, computers in the future may have only 1,000
    vaccuum tubes and perhaps weigh 1.5 tons."

    - Unknown

    "The difference between pornography and erotica is lighting."
    - Gloria Leonard

  2. Software & Hardware   -   #2
    Poster
    Join Date
    Jun 2003
    Posts
    126
    Since the injected <object> runs in the "My Computer" Zone changing the Internet Zone&#39;s settings didn&#39;t affect it, but changing the correct zone&#39;s settings will prevent this exploit from running.

    Here is the registry information:

    [HKEY_CURRENT_USER&#092;Software&#092;Microsoft&#092;Windows&#092;CurrentVersion&#092;Internet Settings&#092;Zones&#092;0]
    Change the value of "1004" (DWORD) to 3.

    Many thanks to Axel Pettinger and Garland Hopkins for this workaround.
    from the site you mentioned.

    just be sure to backup the key in question before trying.

    and how do you know the dso exploit is still there? sometimes spybot needs a reboot to fix the item in question.

  3. Software & Hardware   -   #3
    Poster
    Join Date
    Aug 2003
    Location
    Burmoda triangle, right behind you!
    Posts
    571
    To repair this, Disable scripts; not recommended since alot fo sites use Java and other scripts.
    Click the longhorn icon to visit my website.
    <span style='color:blue'><span style='font-size:8pt;line-height:100%'> You try Everything in my/our post(s) at YOUR own risk. I/we do not take responsibily for damages, caused by the post(s). Clicking on/or modifying anything in here is not permitted. Whoever edits my sig is a pussy.</span></span>

    ::::::::::::::::::::::::::::::::::::::::

  4. Software & Hardware   -   #4
    Superannuated
    Join Date
    May 2003
    Posts
    276
    Originally posted by dopey@16 June 2004 - 12:22
    Since the injected <object> runs in the "My Computer" Zone changing the Internet Zone&#39;s settings didn&#39;t affect it, but changing the correct zone&#39;s settings will prevent this exploit from running.

    Here is the registry information:

    [HKEY_CURRENT_USER&#092;Software&#092;Microsoft&#092;Windows&#092;CurrentVersion&#092;Internet Settings&#092;Zones&#092;0]
    Change the value of "1004" (DWORD) to 3.

    Many thanks to Axel Pettinger and Garland Hopkins for this workaround.
    from the site you mentioned.

    just be sure to backup the key in question before trying.

    and how do you know the dso exploit is still there? sometimes spybot needs a reboot to fix the item in question.
    supersonic Posted: 16 June 2004 - 18:41

    To repair this, Disable scripts; not recommended since alot fo sites use Java and other scripts.


    -----------------------------------------------------------------------------------------------



    supersonics idea seems completely pointless to me as the first sentence says do this.... and the second says... its not a good idea.

    Thanks for advice buddy.

    Hey Dopey... if you can show me exactly how to do what you suggest, that would be great, because I have no clue on this.

    Cheers
    "Maybe this world is another planet's Hell." - Aldous Huxley (1894-1963)

    "Never interrupt your enemy when he is making a mistake."
    - Napoleon Bonaparte (1769-1821)

    "Where a calculator on the ENIAC is equipped with 18,000 vacuum tubes
    and weighs 30 tons, computers in the future may have only 1,000
    vaccuum tubes and perhaps weigh 1.5 tons."

    - Unknown

    "The difference between pornography and erotica is lighting."
    - Gloria Leonard

  5. Software & Hardware   -   #5
    Poster
    Join Date
    Aug 2003
    Location
    Burmoda triangle, right behind you!
    Posts
    571
    To disable scripts:
    IE:
    Internet options>security>&#39;chose a security zone&#39; then go go "custome level" and disable scripting.
    As I said, you CAN do it, but I DON&#39;T think you SHOULD do it.
    Solution:
    Get Firefox instead of IE, it might solve ur problem.
    Click the longhorn icon to visit my website.
    <span style='color:blue'><span style='font-size:8pt;line-height:100%'> You try Everything in my/our post(s) at YOUR own risk. I/we do not take responsibily for damages, caused by the post(s). Clicking on/or modifying anything in here is not permitted. Whoever edits my sig is a pussy.</span></span>

    ::::::::::::::::::::::::::::::::::::::::

  6. Software & Hardware   -   #6
    Superannuated
    Join Date
    May 2003
    Posts
    276
    Yes supersonic... I understand you said CAN... and I say... why would you suggest to do something... then say " I dont recommend it" Kinda pointless eh?

    Also, I dont plan on getting rid of IE. I wish would stop suggesting another browser. IE is fine... just like it was when I had another issue. It wasnt the damn browser it was the firewall. So no changing of the browswer for me.

    And I still need info on how to fix the orginal problem. I don&#39;t want suggestions on what I &#39;CAN&#39; do, but not recommened. That is why I was asking Dopey... because he solved a problem for me before, without giving me "I wouldnt recommend doing this" lingo.
    "Maybe this world is another planet's Hell." - Aldous Huxley (1894-1963)

    "Never interrupt your enemy when he is making a mistake."
    - Napoleon Bonaparte (1769-1821)

    "Where a calculator on the ENIAC is equipped with 18,000 vacuum tubes
    and weighs 30 tons, computers in the future may have only 1,000
    vaccuum tubes and perhaps weigh 1.5 tons."

    - Unknown

    "The difference between pornography and erotica is lighting."
    - Gloria Leonard

  7. Software & Hardware   -   #7
    Poster
    Join Date
    Mar 2003
    Posts
    367
    It sounds like the spybot bug that&#39;s causing it to return.

    Manually changing the registry key value should fix it, as posted earlier.

  8. Software & Hardware   -   #8
    manker's Avatar effendi
    Join Date
    May 2004
    Location
    I wear an Even Steven wit
    Posts
    44,031
    Originally posted by musicmaster@18 June 2004 - 21:07
    Yes supersonic... I understand you said CAN... and I say... why would you suggest to do something... then say " I dont recommend it" Kinda pointless eh?

    Also, I dont plan on getting rid of IE. I wish would stop suggesting another browser. IE is fine... just like it was when I had another issue. It wasnt the damn browser it was the firewall. So no changing of the browswer for me.

    And I still need info on how to fix the orginal problem. I don&#39;t want suggestions on what I &#39;CAN&#39; do, but not recommened. That is why I was asking Dopey... because he solved a problem for me before, without giving me "I wouldnt recommend doing this" lingo.
    you have such a bad attitude when asking for advice. if you don&#39;t like the advice given then don&#39;t follow it, no need to bitch and whine. what is wrong with saying "thanks but I don&#39;t wish to change my browser, does anyone know of a different fix?"

    no-one is getting paid to put up with your crap.
    I plan on beating him to death with his kids. I'll use them as a bludgeon on his face. -

    --Good for them if they survive.

  9. Software & Hardware   -   #9
    Poster
    Join Date
    Jun 2003
    Posts
    126
    from Jg427&#39;s link


    The second choice would be to use a REG file to fix it. Open notepad and paste the contents of this block into is:

    Code:
    REGEDIT4
    
    &#91;HKEY_CURRENT_USER&#092;Software&#092;Microsoft&#092;Windows&#092;CurrentVersion&#092;Internet Settings&#092;Zones&#092;0&#93;
    &#34;1004&#34;=dword&#58;00000003
    Save that to some place on your disk as something like: FIXDSO.REG
    save as all files

    Then you can simply double click that file and merge the change (fix) into your registry. This will fix the one for the "current user" you are logged into your system as. There is less chance of making an error this way. Note that it is always recommended to backup your registry before making changes to it. (If you are unsure about doing that, then I refer you back to my main recommendation above and wait for Spybot to fix it.)

    to backup your registry, you can simply create a restore point.
    Code:
    http&#58;//www.microsoft.com/windowsxp/using/helpandsupport/learnmore/systemrestore.mspx
    the gist of all the previous posts there recommended that you can make use of all the critical windows updates, and you should be protected, and/or wait for spybot to update to correct the problem.

  10. Software & Hardware   -   #10
    zapjb's Avatar Computer Abuser BT Rep: +3
    Join Date
    Nov 2002
    Posts
    3,694
    I use dsostop2.exe it&#39;s freeware.

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •