* * * * the following message if being didplayed on a on/off basis when I connect an my homepage dl's




* * * Why does this page look like this? *This page has been designed to work best with current browsers. *If you're seeing this message, you either have an older browser, or you have disabled CSS (Cascading Style Sheets) support in your browser. *You can continue using this browser, but you won't experience MSN at it's best. *Your experience may suffer, and the reliability and security of your information cannot be guaranteed



* * * * *my browser is current enough...but yes I have entered a block for css........I seem to recall that cascading style sheets can be exploited in some form or another...........I don't have the info on this at this time so can post more on that.

* * * *the block actually resulted after I noticed that I had two connection to <msn> whenever connecting.....
..the the first block I made result in a white page displaying a redirect being blocked......an the page went no where.....an I just moved on....

* * * *then I noticed something else....when viewing files in internet explorer........an ASHX file...ok, so whats a ASHX file?? * *so I blocked the <msn> site it came from...an now the above display if resulting....an I have only one connection to <msn> on connecting.....but I stress that this is not consistent.......the blocks are there but the results are now always the same.

* * * so, is this a <msn> call-home..........?


* * * for anyone interested the block was set on:

*(<wwx.msn.com/styles/css-site3>) * * *

* * * *the redirect that also has been blocked is:

* * (((((<link rel="stylesheet" type=yext/css>))))

* * * * the < at the beginning actually belongs there


* * * * I've no idea whats I am blocking here...but it seem to upset M$ so I like it........

* * * *CAUTION:

* * * * one of the posted links above is live/active....I thought when posting that it would not be "live" but it is.

* * * * I clicled on the like...nothing appear...but my CPU says something went on.....careful here folks.....sorry for this mishap

Hi snowman,

the only thing I get there is this:

-{ Quote: "Sorry, the page you're trying to reach is temporarily unavailable or the page may no longer exist. *
Please try one of the following:
Click your browser's Refresh button to try reconnecting.
Check the spelling of the URL to make sure the address is correct (capitalization and punctuation are important) and then click your browser's Refresh button.
Click your browser's Back button to return to the previous page.
*

Error type 404 - Object Not Found
" }-

But I'm using NIS-ad-blocking-feature, IE-SPYAD, HOSTS, IEClean.
Anyway, thanks for it, I just now blocked c.msn.com in HOSTS (long time ago I already did block c.microsoft.com ).

* * * *FanJ

* * * *thank you for checking into to that link....I always worry about active links.


* * * *just blocking the <c.msn> did not complete work in my case......the entire url as posted above had to be blocked.....the first block I made was the same as the one you made......it still got through......the ASHX file still would show up again......

* * * hmmmmmm....when I click that link nothing shows....whatever page thats open at the time remains the same.

* * * http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=discussion&id=4411




* * * * the topic of this thread has now been discovered to be an exploit.........(hack)

* * * * * nice to see that this exploit has been discovered.......


* * * * * so,,,,has M$ been/is using this means to to profile users.? * no accusation....food for thought.

* * * * * since placing the blocks I have not expereinced this problem again......


* * * *Paul and/or Mods


* * * * * * seing that this has been discovered....perhaps it would be a good idea to delete the active link to MS posted above.........your call guys.

snowman,

-{ Quote: "Paul and/or Mods


* seing that this has been discovered....perhaps it would be a good idea to delete the active link to MS posted above.........your call guys." }-

Not deleted, but made into an inactive link (wwx). Thus, anyone who feels the need to visit the URL, can do so by altering the URL. Best of both worlds - I hope!

regards.

paul

http://online.securityfocus.com/archive/1/265427

-{ Quote: "Microsoft was first informed on 18 Feb 2002 (44 days ago), they have opened an investigation regarding this issue and will probably release a patch in the near future.

Until a patch becomes available the only workaround is to disable Active Scripting. " }-

* * * * *Paul

* * * * *thanking you kindly.........defintely I have managed "somehow" to block the exploit entirely at this particular time...will contiue monitoring..




* * * SPECIAL NOTE

* * * *disabling activeX *does not stop this exploit.
* * * *activeX has not been enabled on my computer for a
* * * *very long time......no zones have activeX enabled.

* * * *an yet obviously this exploit was able to load on
* * * *to my computer. * * if disabling activeX was the
* * * *solution...as stated by M$.....this exploit would
* * * *not have loaded onto my os.


* * * * this is posted as a pre-caution......other comments/
* * * * opinions welcomed.


* * * * * * * * * * * * *snowman


* * *

* * * * am I mis-understanding something here......M$ is investigating this.......huh........css is needed/essential for the M$ homepage to load properly (as M$ would want/have it load)

* * * right now my homepage contains black letters/white background.........with css blocked.