Open source firm releases patch for IE spoofing flaw

http://www.smh.com.au/articles/2003/12/18/1071337072117.html

quote from the web site:
An open source and freeware software development web site has released a patch to fix the URL spoofing vulnerability in Internet Explorer http://www.smh.com.au/articles/2003/12/12/1071125632006.html which can be exploited by scammers who try to trick people into revealing details of online banking accounts or other private information.
unquote

I'm going to try the patch after due safequards taken: System Restore.

Regards - Charles

 

Installed the patch on WinME running IE6.0

No problems and passed the spoofing test at a independent site - meaning other than the test site given on the download page.

http://www.secunia.com/MS03-032/TEST/

Will install & test on XP tommorrow.

Regards - Charles

EDIT:

This patch will:

Put a BHO into IE called IE Tray Class and will add a startup item:

Program : Openwares LiveUpdate
Filename : C:\program Files\liveupdate\liveupdate.exe
Description : Openwares' LiveUpdate
Loaded From : HKEY_LM\Run

Registry entries:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Openwares IE Security Patch
HKEY_LOCAL_MACHINE\Software\OpenSoft\Openwares IE Security Patch

 

Charles Hi
have you seen Mikes last post in this thread,

http://forums.spywareinfo.com/index.php?showtopic=21316&st=30

Lonny

 

Thanks Lonny, have been following that thread SpywareInfo.

Scanned wih Ad-Aware:

The BHO

Vendor:IEmsg Hijacker
Categoryata Miner
Object Type:RegKey
Size:-
Location:IEMsg.IETray.1\
Last Activity:12-18-2003
Risk LevelLow
Comment:
Description:No Detail Information Available.

The Reg entry

Vendor:IEmsg Hijacker
Categoryata Miner
Object Type:RegKey
Size:-
Location:IEMsg.IETray\
Last Activity:12-18-2003
Risk LevelLow
Comment:
Description:No Detail Information Available.

I started a thread at Lavasoft:

http://www.lavasoftsupport.com/index.php?showtopic=16540

Awaiting their response.

Regards - Charles

 

Comment about this patch at dslreports:

http://www.dslreports.com/shownews/36596

I did this because my particular set-up allows me to experiment and to reverse any damage that would occur. I do not recommend doing this for those that can't.

For those that are running Proxomitron, there is a filter that can be coded for this spoof. Working on that as well, for details, see the beggining of the SpywareInfo thread http://forums.spywareinfo.com/index...21316&st=30

Regards - Charles

 

Hello all

I like the reply here.
"If Microsoft needed a case study to illustrate the importance of trustworthy computing and not rushing fixes out before you're absolutely sure of them...this is shaping up to be it... "
http://forums.net-integration.net/index.php?showtopic=8358&st=15
Prior to this i had spotted another third party fix for IE vulnerabilities until MS provided one..
good thing I was thrown off by the name,, and of cource they are trying t sell something
{ PivX Solutions, LLC }: http://www.pivx.com/qwikfix/

Regards
Lonny