Why Windows?
Octavian Rasnita
orasnita at home.ro
Tue May 21 01:44:03 EDT 2002
Hi,
Here is a message I've received. I've tried it, and it works.
I can't find the HTML file I've created, but you can try that provided
link.
I don't know if it was solved until now.
A security hole has been discovered which affects all versions of IE since
version 4 plus OE and Outlook even if Active Scripting and ActiveX are
disabled in the browser settings. MS has no patch yet, but this page here
http://www.theregus.com/content/4/24206.html
has more details.
The site is experiencing heavy traffic so here are the details:
<snip>
IE, Outlook run malicious commands without scripting
By Thomas C Greene in Washington
Posted: 03/04/2002 at 08:46 EST
An attacker can run arbitrary commands on Windows machines with a simple
bit of HTML, an Israeli security researcher has demonstrated. The exploit
will work with IE, Outlook and OutlooK Express even if active scripting and
ActiveX are disabled in the browser security settings.
The problem here is data binding, an old 'feature' going back to IE4 in
which a data source object (DSO) is bound to HTML.
Using an XML data source, the researchers operating a Web site called
GreyMagic Software came up with a simple example in which a few lines will
cause Windows to launch the calculator application thus:
<span datasrc="#oExec" datafld="exploit" dataformatas="html"></span>
<xml id="oExec">
<security>
<exploit>
<![CDATA[
<object id="oFile" classid="clsid:11111111-1111-1111-1111-111111111111"
codebase="c:/windows/system32/calc.exe"></object>
]]>
</exploit>
</security>
</xml>
You can copy and paste this into a text editor, where "windows" is your
Windows directory, and name it whatever.htm. Then open the file with your
browser and watch the calculator launch.
MS has yet to patch the hole, but we've verified that a workaround proposed
by Axel Pettinger and Garland Hopkins works on the above example, though
that's no guarantee that it will work on every exploit of this sort.
Using regedit.exe find the following key:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0]
and change the value of "1004" (DWORD) from "0" to "3".
Don't forget to back up your registry before making changes, even innocuous
ones like this.
You can then re-boot and open the example file with your browser again to
verify that it fails to launch the calculator. However, the workaround will
often cause IE to launch a security warning dialog box which has to be
cleared before you can continue surfing. It tells you that your security
settings are interfering with your rich Internet experience, and you can't
tick a box ordering it to stop warning you of what you already know.
Personally I believe MS does this to discourage high security settings in
IE which interfere with the rich eXPeriences advertisers have in store for
you on the Web, and which MS seems inexplicably eager to vouchsafe. You
don't get sick of the slightly scaled-down functionality; you get sick of
the endless warnings and eventually capitulate and restore your settings to
Redmond-approved, and Direct Marketing Association-approved, levels.
But we digress.
Obviously, there's a slew of malicious activities which can be attempted
with this exploit, and a slew of people busily working on them. Thus it
might be prudent to apply the workaround until Redmond issues a patch -- if
you can stand to be harangued about your security settings at every turn,
that is. ®
Teddy,
orasnita at home.ro
----- Original Message -----
From: "David Poehlman" <poehlman1 at comcast.net>
To: <speakup at braille.uwo.ca>
Sent: Monday, May 20, 2002 1:50 PM
Subject: Re: Why Windows?
I do not understand this message. how can ie open notepad unless you
ask for the source and then it is designed to do that.
----- Original Message -----
From: "Octavian Rasnita" <orasnita at home.ro>
To: <speakup at braille.uwo.ca>
Sent: Sunday, May 19, 2002 10:32 PM
Subject: Re: Why Windows?
Yes you're right.
I have an HTML page and if you open it from a web site in Internet
explorer,
it opens you the Notepad.
Internet Explorer, is not very secure, of course.
But I think there are problems with Unix also.
Go to www.astalavista.com and you will find some tutorials about how to
crack Unix, etc.
I don't know if they work because I haven't tried it, but ...
Teddy,
orasnita at home.ro
----- Original Message -----
From: "Rich Caloggero" <rjc at MIT.EDU>
To: <speakup at braille.uwo.ca>
Sent: Sunday, May 19, 2002 11:05 AM
Subject: Why Windows?
OK, I think windows exists for sighted people. I think that blind people
need to use windows if they are doing sys-admin or other tasks which
require
them to interact with windows, or dare I say, help a sighted person use
their friendly little crash-prone boxes! <smile> I often think that the
reason windows is so unstable is to keep us sys-admins employed!
Hehehehehahahahe!
Actually, I heard an interesting windblows tidbit the other day. In
windows
3.1, there was a concept called Object Linking and Embeding (OLE). It
allows
one to put, say, a sound file within a spreadsheet, and embed all that
within something else. In fact, this is what XML does for you, but those
were the days long before XML. Anyhow, they were also the days before
the
internet became widely popular. The problem was that OLE was not at all
secure. When the internet became more widely used, and malware began to
spread, people realized that this stuff was very insecure. So Microsoft
began building layer on top of layer to try and address these issues. By
the
time the security problems were becomign more widely exployted,
Microsoft
had traveled too far down the OLE path, and could not give it up. I
forget
what all the crap on top of OLE was called, but the dot net stuff is
merely
another layer on top of the broken OLE, so Microsoft security issues
will
forever be rearing their ugly heads, and Microslop will have to patch
every
single one of them!! Hahahahehehehehehaha!
Rich
----- Original Message -----
From: "Deedra Waters" <curi0315 at tampabay.rr.com>
To: <speakup at braille.uwo.ca>
Sent: 19 May, 2002 1:24 AM
Subject: Re: interesting experiment.
I think honestly that if beginners have an easy start it may help some
in
the long run. I honestly think that there are some people who want to
learn but are having a hard time in which case, helping them can be
useful.
I'm bad at sitting and reading manpage after manpage trying to find
things, and I was even worse at the beginning. I had a great deal of
help
in the beginning, and there was a lot I didn't understand.
I'm not really sure where I'm going with this accept to say that there
are
people who have a real hard time by just reading, and helping them, or
trying to walk them threw some things doesn't always mean that they
need
to be spoonfead
On Sun, 19 May 2002, Toby Fisher wrote:
> On Sun, 19 May 2002, Octavian Rasnita wrote:
>
> > Hi, thank you.
> > No, I don't like Windows. I don't use to play games because I don't
have
the
> > time.
>
> Oh now you don't know what you're missing, I can recommend GMA Games
for
> one, for a bit of light relief.
>
> <snip>
>
> > But I also don't like to see a lot of people from this list, nor
> from any
> > list, thinking that Linux is better than Windows.
>
> Actually, if you look carefully at most of what you view to be
> anti-Windows comments, they are, in the main, aimed at the company
that
> spawned it.
>
> > Windows is better than Linux for multimedia development but
Macintosh is
> > even better than Windows for this thing.
> >
> > Some Unix graphic stations are better probably than Macintosh for
their
> > purpose.
>
> Yes, but until very recently Macintosh had a problem with expensive
> hardware, for example, on some power macs there was only 1 make of
modem
> you could use because of the connection it required; guess what,
they're
> not made any more so my friend is going to have to buy a new computer,
> this is, imho, a potential problem which can arise when hardware and
> software are made by the same company, as used to happen back in the
big
> mainframe days.
>
> <snip>
>
> > I like the Linux users to be a kind of helpful community, because
> they are
> > not very many, especially blind, but all the experimented people in
linux
> > give the beginners criptical commands without explaining too much,
RTFM,
> > etc.
>
> I believe that there are reasons for this.
>
> First, what that person may want is a means to get up and running as
> hasle-free as possible. Second, explanation of the command may, and
note
> I use the word may, cause confusion, until the person has read some
docs,
> which they may be unable to do due to whatever problem it is that has
> caused them to write to the list.
>
> Third, it does not help anyone, least of all the beginner, if they are
> spoon-fed, as they may then be unable to help themselves if they are
ever
> stuck without an internet connection, or otherwise unable to call on
> required assistance.
>
> Cheers.
>
> --
> Toby Fisher Email: toby at g0ucu.freeserve.co.uk
> Tel.: +44(0)1480 417272 Mobile: +44(0)7974 363239
> ICQ: #61744808
> Please avoid sending me Word or PowerPoint attachments.
> See http://www.fsf.org/philosophy/no-word-attachments.html
>
>
>
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
_______________________________________________
Speakup mailing list
Speakup at braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup
_______________________________________________
Speakup mailing list
Speakup at braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup
_______________________________________________
Speakup mailing list
Speakup at braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup
More information about the Speakup
mailing list