FW's DDE IE Vuln now Eliminated

Discussion in 'other firewalls' started by StevieO, Oct 9, 2005.

Thread Status:
Not open for further replies.
  1. StevieO

    StevieO Guest

    I feel this is important enough to deserve its own thread so as many people as possible get alerted to it straightaway, as some may bypass the other thread maybe thinking there is no solution available and therefore miss out on this!

    I've just discovered how to finally eliminate the DDE exploit mentioned here https://www.wilderssecurity.com/showthread.php?t=99853

    I followed the advice on the MS link in this thread - It is possible to disable the DDE starting method like explained here: https://www.wilderssecurity.com/showthread.php?t=99904

    Quite why nobody thought to post it in the DDE exploit thread is very disappointing!

    I had two identical entries in my URL File and changed them both as per the instructions.

    I closed all IE's and then tried the FW test again. BINGO!!! Now unless I allow IE through the ZA Free Prompt it doesn't go out at all. I do get a Msg box whenever I launch IE as shown here

    http://img197.imageshack.us/img197/531/iedef11ja.png

    but that can be disabled in one Sec.

    However please do NOT make IE your DEFAULT BROWSER by clicking Yes. I tried it to see what would happen, and the settings I'd changed reverted back to the earlier ones, and I had to redo the above steps!

    So it's good news at last for everybody with ANY make FW, as far as I can establish anyway, that the answer lies in those MS settings, and not a BUG as such with FW's generally.

    I recommend you do it ASAP


    StevieO
     
  2. pcalvert

    pcalvert Registered Member

    Joined:
    May 21, 2005
    Posts:
    203
    There may be other methods as well. That test program failed to do anything on my computer, and I don't know why. I have IE locked down pretty well, so that may be the reason. Or perhaps it's something else. I will probably do some testing in the future in order to figure out what's going on.

    BTW, the tooleaky firewall test also failed on my computer. I am using Kerio 2.1.5, so it should've been able to get out, but it couldn't. So obviously something else was stopping it. Or rather, something it needs to work is disabled or is not present on my computer.

    Phil
     
  3. Please note that this isn't an IE-only problem; browsers like Firefox are also affected by DDE.

    I'm using another method as well myself to solve the problem, but this method works too.

    I was reluctant to turn off DDE, because I dimly remember reading somewhere that it is needed if you want Firefox to open a new tab in the existing window (as opposed to a new window) when clicking links from other apps (e.g. Newsreader).

    Surprisingly enough, on my setup it still opens tabs instead of a new window.
    At least on my setup, which uses Tab Mix. I'm not sure about the native Firefox tab browsing builds.
     