Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Patch 810847 for MSIE 5.5 SP2

0 views
Skip to first unread message

russ

unread,
Jan 9, 2003, 4:51:15 PM1/9/03
to

Today, critical update service for NT 4.0 has patch 810847
listed for MSIE SP2. No information about it is on
Microsoft site. What is it?

Bill Sanderson

unread,
Jan 10, 2003, 12:26:43 AM1/10/03
to
Ditto, NT4, IE 6 SP1.

"russ" <rsh...@itecref.com> wrote in message
news:233601c2b829$3b8d4880$d2f82ecf@TK2MSFTNGXA09...

Jon Kade

unread,
Jan 10, 2003, 3:03:03 PM1/10/03
to

>Now, I think I found the solution to the disabled "Home
page" option:
>deleting
HKCU|Software|Policies|Microsoft|InternetExplorer|Control
>Panel|Home, but I won't be able to test it until tomorrow.

Resolution: Either delete the Control Panel key, or all
the data within it.

AStein

unread,
Jan 15, 2003, 2:11:38 PM1/15/03
to
Finally, someone else has seen this. I though I was the
only one who noticed it.

At first I thought it was a "hush hush" fix for that nasty
update Q328310 that has been causing so many blue screens
on NT 4 workstations. MS still hasn't owned up to that one
yet. I found it strange that the patch was designated as
CRITICAL yet there was no mention of it ANYWHERE on the
internet, including the MS support sites.

My first post to the MS newsgroup NT/Miscellaneous never
showed up and I had about given up hope. If the patch
fixes a flaw, great, I'm all for it! However, I think we
are entitled to know what that flaw was and what was done
to correct it.

>-----Original Message-----

>A coworker suffered an exploit two days ago that, I
believe, is the
>reason for the patch. I've never seen or heard of
anything exactly
>like it, anyway. To quote a message I posted elsewhere:
>
>MSIE was hit by a search-page replacement JS exploit, but
this was
>much more invasive than the norm. I counted about twenty
iterations
>of the alternate (porn) URL in the registry, and the
author of the
>exploit seems to have discovered a way to change the
Internet Options
>control panel applet substantially. The Security and
Advanced tabs
>have been removed entirely and the Home page option in
the General tab
>is greyed out.
>
>McAfee caught at least one of the trojans in execution,
JS/NoClose,
>though it just functioned to hold open the browser while
the security
>zone was set low and other registry changes were made.


>
>Now, I think I found the solution to the disabled "Home
page" option:
>deleting
HKCU|Software|Policies|Microsoft|InternetExplorer|Control
>Panel|Home, but I won't be able to test it until tomorrow.
>

>Anyone else have thoughts or insight on the patch or the
trojan
>combination?
>.
>

Bill Sanderson

unread,
Jan 15, 2003, 11:45:11 PM1/15/03
to
I've posted about this here and in hfnetchk, with no response from anyone
knowledgable.

Whatever it is, it appears to be only for NT4 machines, with various
versions of IE. I posted the text of both the patch as offered by WU and as
shown after installation in WU history in a thread in
microsoft.public.hfnetchk.

I don't know what is going on. I am also seeing emails that look a lot like
w32.Gibe, but purport to contain a January 2003 Cumulative patch--so perhaps
theres some effort to avoid raising confusion about the possible legitimacy
of the email worm in the public's mind. If this is the issue, I'm entirely
sympathetic and will keep my mouth shut!

"AStein" <ASt...@thealaskaclub.com> wrote in message
news:8f9501c2bcc9$eda69180$8bf82ecf@TK2MSFTNGXA05...

0 new messages