PDA

View Full Version : MS03-032 still to patch

JacK
September 23rd, 2003, 07:14 AM
Hello,

Demo :

http://www.heise.de/security/dienste/browsercheck/demos/ie/htacheck.shtml

This exploit allows installing and executing any application on your PC !

Due to incorrect patching of the patch MS03-032 from 28082003.

Just add in your FW rules MSHTA.EXE (Path X:\WINDOWS\system32\mshta.exe) among disallowed app.


System Safety Monitor prevent the exploit.
Htastop (http://www.nsclean.com/htastop.html) prevent the demo but don't solve the issue.

Rgds,
meneer
September 24th, 2003, 05:57 AM
We disabled ActiveX, it seems we don't have to take care 8)
analyzer
September 26th, 2003, 02:50 AM
-{ Quote: " quoting: JacK link=board=18;threadid=14130;start=0#msg89440 date=1064315650]
Hello,

Demo :

http://www.heise.de/security/dienste/browsercheck/demos/ie/htacheck.shtml

This exploit allows installing and executing any application on your PC !

Due to incorrect patching of the patch MS03-032 from 28082003.

Just add in your FW rules MSHTA.EXE (Path X:\WINDOWS\system32\mshta.exe) among disallowed app.


System Safety Monitor prevent the exploit.
Htastop (http://www.nsclean.com/htastop.html) prevent the demo but don't solve the issue.

Rgds,

" }-

How to configure SPF Pro to block this file ?