CRITICAL UPDATES RE-APPEAR
Running Windows ME I have 2 critical updates that show
they were installed, but they keep showing up in
the "updates to install" list. The updates are KB840315
and KB832894. In fact KB832894 shows it's been installed 4
times!! Does anyone know what's up? Tag: Driver updates Tag: 57377
Security patches(839645, 841872)having issues when ran in a batch
Hello,
I was wondering if anyone had a fix for the issue I am having? My issue is when security patches(839645, 841872) are applied while using them in a batch file it comes up with this error(The drive is not ready for use: its door may be open. Please check drive E: and make sure that a disk is inserted and that the drive door is closed.) This only becomes an issue when the workstation has a Zip drive installed, but if you run the patches individually they run as advertised. I know this sounds confusing, but I was wondering if anyone has seen this before or could help me out.
Thank you Tag: Driver updates Tag: 57375
critical update 839643
On about 7 June 04, Microsoft started offering CRITICAL
UPDATE KB 839643. Everytime I try to install it, I get a
setup error, " Setup cannot continue because one or more
pre-requisites ... failed. Well, long story short,
Microsoft has a KB 870560 which explains this very error
and the RESOLUTION is go download the same update and try
to reinstall it again !! And you'll get the same error
again and again. If you go to MS04-016 and carefully
follow the instructions, Microsoft again Fixes this error
by having to download the update again !!!
This is an INFINITE LOOP ! NON - SENSE !!!
Can't they just talk in plain English ??
Why do we get this error applying a CRITICAL UPDATE ???? Tag: Driver updates Tag: 57369
Norton is missing
Good day
I am running XP and Norton 2002.
Recently I had a warning about (I think) W32.spot.
Unfortunately I did not take any notice!!
Noe I find that Norton 2002 no longer loads, so I cannot
update it. I have tried to run an on-line scan using
the Norton website, but it will not let me. I can still
use my system as normal and receive emails, but am unable
to run Norton in order to update it.
Has anybody any ideas please.
Regards.
Hazel Tag: Driver updates Tag: 57368
Outlook Express
OE has blocked access to an "unsafe attachment" to an
email. This is an important invoice. How can I gain
access to this attachment, please? I have scanned it(i
think) with norton-came up clean. plz help. Thanks Tag: Driver updates Tag: 57346
page can not be displeyed
xp home edition
ntfs
ie6
pent4 1.8
dsl
i would normaly go to mcafee to fix a mcafee problem,
but...
i recently uninstalled mcafee. when i went to reinstall
it from their web page, i discovered that i don't get to
a mcafe page. i get 'the page cannot de displayed' the
address reads http:///?%20www.acafee.com Tag: Driver updates Tag: 57339
why and how?
ok ok a question how do people find out your password and log into your hotmail account and mess it up, i have changed my password about 6 times in the last 2 days, i changed my secret question and its proper annoying lol
help
x Tag: Driver updates Tag: 57336
Cannot change homepage
No matter what I change my homepage to, its goes back to solongas.com, which is an advertisement page. I have run Spybot and Adaware have removed all the cookies and temporary internet files. I can't make it go away. Please tell me what to do. Tag: Driver updates Tag: 57335
680180.net/ads
I am receiving extra internet explorer windows from the
above subject. They just keep popping up and mutiplying.
I have a firewall, anti-virus and spyware installed. I
have looked at the properties and tried removing objects
from the registry all without success. How do i rid
myself of this menace. Many thanks for any help
received.Mike. Tag: Driver updates Tag: 57332
check wireless connection
is there a way of finding out if anyone can be hooking up to my wireless
connection. How do I know that my wireless network is secure? I have a
wireless router and I have 64bit WEP encryption enabled on a shared key. I
dont however have the WR firewall enabled. What is the safest way to setup a
wireless network. Tag: Driver updates Tag: 57327
LOST Mcafee component for security program download
due to a BOOTER program in christian chat room 3 ,,,I
was thrown out of even aol.....making a long story
short for 2 months I have had recovery problems....I
am not att the finish line but I lost my MCAFEE
SECURTY 6 program......I was using an older aol
version and forced to go to the new version
9......lost many programs and now the Mcafee
program spoken of above ( that woked well with the
older 7 versions ( taken from a DELL COMPUTER to an
Xp a couple of years ago) is wrong version for aol
9......BUT NOW also some components are missing to
download security 6....I have contacted
windows....HP...and MCAFEE to no avail....how do I get
these necessary componenets in my computer to
redownload this security ptogram....APPRECIALTE ALL
HELPS...thanks in advance even for reading BEFORE all
this problems ...with aol versions 7 MCAFEE WAS
WORLING FINE ......
.. Tag: Driver updates Tag: 57324
Access denied
Hi
IXP crashed and I had to reinstall. I now cannot access the folders under
documents and settings where I stored data, I just get "Access Denied". How
do I access the data inside these folders please?
Brian Bennett Mavorn Tag: Driver updates Tag: 57321
SpyBot 1.3 Automation Issues
I am trying to automate Spybot 1.3 to run automatically but cannot get
the commandline parameters to do what they state they do. I basically
schedule the spybotsd.exe /autoupdate /autocheck /autoclose /autofix
/autosilent /nocancel but I can't get it to automatically close. I
schedule the job as "Local administrator" and it runs but when it is
finished it keeps coming up with a confirmation box and I need to hit
OK. If I run the same scheduled task logged into the Domain as
another user none of the dialogs pop up as they do when I am logged in
as Local Administrator and the most frustrating thing is that the
process just runs forever and never ends! (The domain user I login as
has been added to the local admin group).
What I'm basically trying to accomplish is to create an image on a pc
that I'm going to roll out to 40 different domain users with spybot
already configured to run, update, and close automatically without the
user having to ever interact with it. Is anyone having the same
problem as me or more importantly can anyone offer a suggestion as to
why this isn't working correctly. Thanks a lot in advance. Tag: Driver updates Tag: 57318
Recent Security Updates
Has anyone had a problem with services not starting after the installation
of the latest security updates of July 14th 2004. I have resolved the issue
on my local machine but still have a server with issues. I have not found
any articles from MS stating advers effects to the updates. My local SQL
Server sevice(Using NT Authentication) failed to start after the update and
reboot. My SQL Server box that uses SQL Authentication was fine. I had to
reset the password for the login account on the MS SQLSERVICES Service in
the services panel and then it was OK. Would like to know what this effected
and why so when we do corporate wide updates we can be ready with a fix. or
even better yet MS fixes it first.
Thanks
Tim Tag: Driver updates Tag: 57307
weird icon
I have a weird icon on my taskbar that has ??????????????icon view on it. It
doesn't appear to do anything and the only thing that I can do is close it.
Anybody know what it is? Tag: Driver updates Tag: 57305
Administrator Read Only
Is there a way to give a user all the priviliges to look
at anything an Administrator can see, but prevent him from
making any changes. In my case, we're hiring a security
guy whose job will be to look for security flaws, but not
to change anything. Among other things, he'll need to run
MBSA on the domain, see group policies and event logs, and
audit file and folder permissions. Tag: Driver updates Tag: 57303
403.5 ERROR - PLEASE HELP!
I have posted this twice with one response, I will
try again.
When trying to access my bank, I get the following error:
>HTTP Error 403
>403.5 Forbidden: SSL 128 required
>This error message indicates that the resource you are
>trying to access is secured with a 128-bit version of
>Secure Sockets Layer (SSL). In order to view this
>resource, you need a browser that supports this level of
>SSL.
>Please confirm that your browser supports 128-bit SSL
>security. If it does, then contact the Web server's
>administrator and report the problem.
Also, I can no longer access my webmail any more and my
credit card company web site states that I have an
incompatable browser that I need IE5.5 or above with 128
bit.
I am using MSIE 6, Win2k pro sp4, Norton Internet Sec. v
2004.
Help anyone??? Tag: Driver updates Tag: 57299
Firewalls
Am I correct in believing I don't need to install a software firewall if I
am using an ADSL modem router with a hardware firewall? Tag: Driver updates Tag: 57295
CreateProcessAsUser (error A required privilege is not held by the client)
Hello,
I want to do something similar but I have problems with CreateProcessAsUser
function. It always returns me 1314 error code (A required privilege is not
held by the client).
What I really want to is give more privileges to current process. I'll
explain. I'm developing a service setup and it needs to call net start and
other things. It should be able to install the service under no
administrator users, so I use, first of all, LogonUser and
ImpersonateLoggedOnUser to convert current process to privileged process.
This part goes well and let me extract files in Program Files folder and
write on LocalMachine registry entry.
I tried to use ShellExecute to call "net start service_name" but it didn't
go well. I read that impersonate token is not inherit by new processes, so
ShellExecute took unprivileged token on its creation.
I think that the solution is CreateProcessAsUser to call "net start
service_name" but when I execute it, the result is 1314 error code (A
required privilege is not held by the client), as I said.
I'm very glad if anyone can help me.
This is the part of code that I use to do everything:
bool ActionsUserAuth(bool bControlActived)
{
bool bUserAuth = false;
TCHAR szUsername[MAXSTRINGLEN];
TCHAR szDomain[MAXSTRINGLEN];
TCHAR szPassword[MAXSTRINGLEN];
HANDLE hToken;
HANDLE hAdminUser;
//bool bExit = false;
//int iTry = 0;
ClsTokenPrivileges TokenInfo;
bExit = false;
bControlActived = true;
if (bControlActived)
{
bUserAuth = (IsCurrentUserLocalAdministrator() == TRUE);
bUserAuth = false;
if ((bUserAuth) && (bDebugMode))
Log(TEXT("ActionsUserAuth: administrator privileges"));
else
Log(TEXT("ActionsUserAuth: non administrator privileges"));
memset(szUsername, 0, sizeof(szUsername));
memset(szDomain, 0, sizeof(szDomain));
memset(szPassword, 0, sizeof(szPassword));
//while ((!bUserAuth) && (iTry < 3))
//{
if (!DlgUserAuth(szUsername, szDomain, szPassword))
{
bExit = true;
if (bDebugMode) Log(TEXT("ActionsUserAuth: User authentication dialog
failed"));
return false;
}
if (!RevertToSelf())
{
if (bDebugMode) Log(TEXT("ActionsUserAuth: Revert To Self"));
return false;
}
// Get the current process token handle...
if( !OpenProcessToken( GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES |
TOKEN_QUERY, &hToken ))
return false;
if (!SetPrivilege(hToken, SE_TCB_NAME, true))
return false;
if (LogonUser(szUsername, szDomain, szPassword, LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT, &hAdminUser))
bUserAuth = true;
else
bUserAuth = false;
/*
if (!bUserAuth)
{
if (!bSilentMode)
{
MessageBox(NULL, Diccionary->Get(TEXT("IDS_USERAUTH_ERROR")),
Diccionary->Get(TEXT("IDS_GEN_CAPTIONERROR")), MB_OK);
}
}
else*/
if (bUserAuth)
{
if (!ImpersonateLoggedOnUser(hAdminUser))
MessageBox(NULL, TEXT("Inpersonate Error"), TEXT(""), MB_OK);
/////////////////////////////////////////////////
if (DuplicateTokenEx(hAdminUser, MAXIMUM_ALLOWED, 0, SecurityImpersonation,
TokenPrimary, &hAdminPriv) == 0)
MessageBox(NULL, TEXT("duplicate token Error"), TEXT(""), MB_OK);
if (!SetPrivilege(hAdminPriv, SE_ASSIGNPRIMARYTOKEN_NAME, true))
{
MessageBox(NULL, TEXT("SetPrivilege Error"), TEXT(""), MB_OK);
return false;
}
if (!SetPrivilege(hAdminPriv, SE_INCREASE_QUOTA_NAME, true))
{
MessageBox(NULL, TEXT("SetPrivilege Error"), TEXT(""), MB_OK);
return false;
}
TCHAR szRes[MAXSTRINGLEN];
STARTUPINFO si;
PROCESS_INFORMATION pi;
ZeroMemory( &si, sizeof(si) );
si.cb = sizeof(si);
ZeroMemory( &pi, sizeof(pi) );
//my_strcpy(szRes, TEXT("C:\\Archivos de programa\\Inquiero Installable
ISD\\prova.exe"));
my_strcpy(szRes, TEXT("\"C:\\Documents and
Settings\\prova\\Escritorio\\prova.exe\""));
TokenInfo.DisplayInformation(TEXT("C:\\token.info"));
if (!CreateProcessAsUser(hAdminPriv, NULL, szRes, NULL, NULL, TRUE,
IDLE_PRIORITY_CLASS, NULL, NULL, &si, &pi))
{
TCHAR szError[MAXSTRINGLEN];
wsprintf(szError, TEXT("%d"), GetLastError());
MessageBox(NULL, szError, TEXT(""), MB_OK);
}
/////////////////////////////////////////////////
CloseHandle(hAdminUser);
}
// iTry++;
//}
if (!bUserAuth) return false;
}
return true;
} Tag: Driver updates Tag: 57292
Updates slow down Windows XP & download speeds
Hello all:
I am having the same issues with Mac OSX. I have high
speed cable and contantly acheive speeds of 260k per
second download speeds on an unpatched XP pro machine.
On my other machine, I installed all of the updates. As
with OSX, windows I have found has taken a massive
performance hit as a result of all of the security
updates applied. On the same cable these speeds dwindle
down to only 50-60k per second. I cannot find any
threads or support pertaining to this issue. It appears
that performance on these platforms is being sacraficed
for security. Any ideas...? Thanx. Tag: Driver updates Tag: 57283
viruses sent using my address
I have gotten 2 returned e-mails from sources that received mail containing viruses from someone using my e-mail address. The viruses were intercepted and stopped.
I have notified hotmail support, but they have not replied to my request for help.
What can I do to stop this? Tag: Driver updates Tag: 57282
** READ THIS BEFORE POSTING - answers to frequently asked questions 2004.07.15
Before you post a question to a Microsoft.public.*.security newsgroup, note
that your question may already be answered below:
Answers to Top Frequently Asked Questions:
http://securityadmin.info
My question is not mentioned below. How do I get an answer immediately,
with no waiting?
http://securityadmin.info/faq.asp#moreinfo
See also: http://www.google.com/groups?as_ugroup=microsoft.public.*
See also: http://www.google.com/advanced_group_search
See also: http://www.google.com
I want to post a problem or question to the newsgroup. What info do I need
to post in order to get a correct answer quickly?
http://securityadmin.info/faq.asp#netiquette
I just heard about a new Microsoft security patch update. Where can I get
the patch?
http://windowsupdate.microsoft.com OR
http://www.microsoft.com/technet/security/current.asp
I just installed a Microsoft security patch update, and now my computer is
having problems.
http://securityadmin.info/faq.asp#patchbroke
I received an email from Microsoft / Microsoft Support / Microsoft Internet
Security Center claiming to be a security patch [or comprehensive Internet
Explorer update]. Is this a virus?
http://securityadmin.info/faq.asp#microsoftemail
ALSO NOTE: www.grisoft.com is free antivirus, USE IT.
I received a virus email from a Microsoft email address. Who do I report
this to?
http://securityadmin.info/faq.asp#microsoftemail
I have the RPC Blaster worm "virus," what do I do?
http://www.microsoft.com/security/incident/blast.asp
ALSO NOTE: www.grisoft.com is free antivirus, USE IT.
My computer is giving RPC Remote Procedure Call messages.
There is a TFTP message or file on my computer.
My computer keeps locking up, and/or rebooting, or telling me that it will
reboot in 1 minute.
http://www.microsoft.com/security/incident/blast.asp
ALSO NOTE: www.grisoft.com is free antivirus, USE IT.
Where can I download the Blaster worm / RPC DCOM patch?
http://windowsupdate.microsoft.com OR
http://www.microsoft.com/technet/security/current.asp
I'm having a problem caused by the JDBGMGR.EXE Teddy Bear "virus" hoax, or I
want to replace this file.
http://securityadmin.info/faq.asp#jdbgmgr
I forgot my Windows logon password and can't log in. How do I reset it?
http://securityadmin.info/faq.asp#password
I have a problem or a question with a virus or with antivirus.
http://securityadmin.info/faq.asp#virus
NOTE: www.grisoft.com is free antivirus, USE IT.
Why is Outlook Express blocking my attachments as "unsafe"?
http://securityadmin.info/faq.asp#attachments
How do I stop getting pop-up messages? Or adware? Or spyware?
http://securityadmin.info/faq.asp#pop-ups
How do I block people from viewing adult or objectionable content on a
computer?
http://securityadmin.info/faq.asp#contentfilter
How do I block spam emails?
http://securityadmin.info/faq.asp#spam
There is a Content Advisor password blocking me from certain web sites.
http://securityadmin.info/faq.asp#contentadvisor
How do I delete an FTP folder that a hacker put on my computer and I cannot
delete?
http://securityadmin.info/faq.asp#ftpfolder
Have I been hacked? What do I do if I've been hacked?
http://securityadmin.info/faq.asp#hacked
How do I re-secure a computer that has been hacked?
http://securityadmin.info/faq.asp#re-secure
How do I test or improve the security on my computer to avoid being hacked?
http://securityadmin.info/faq.asp#harden
How do I investigate a suspicious IP address that may be trying to hack me?
http://securityadmin.info/faq.asp#trace
How do I report a hacker?
http://securityadmin.info/faq.asp#reporthacker
How do I use a port scanner or vulnerability scanner to test my security?
http://securityadmin.info/faq.asp#portscanner
How do I encrypt my files and/or hard drive?
http://securityadmin.info/faq.asp#encryption
How do I get a firewall? IDS?
http://securityadmin.info/faq.asp#firewall
I want to use the IPSec filtering or IP filtering feature of Windows to
block certain ports and have a problem or question.
http://securityadmin.info/faq.asp#ipsec
I have a problem or question with the XP ICF firewall.
http://securityadmin.info/faq.asp#icf
I have a problem or question with the IIS URLScan tool.
http://securityadmin.info/faq.asp#urlscan
How do I change the banner on my computer or server to hide what software
version I'm using?
http://securityadmin.info/faq.asp#banner
How do I enable Windows Auditing to tell who logged into Windows or who
accessed a file?
http://securityadmin.info/faq.asp#auditing
How do I inspect and disable programs that start up when Windows starts?
http://securityadmin.info/faq.asp#startup
How do I use RUNAS or let someone use RUNAS to run commands as administrator
without having to type the password?
http://securityadmin.info/faq.asp#runas
How do I let non-administrator users run Defrag or change their IP address?
http://securityadmin.info/faq.asp#runas
My question is not mentioned above. How do I get an answer immediately,
with no waiting?
http://securityadmin.info/faq.asp#moreinfo
See also: http://www.google.com/groups?as_ugroup=microsoft.public.*
See also: http://www.google.com/advanced_group_search
See also: http://www.google.com
I want to post a problem or question to the newsgroup. What info do I need
to post in order to get a correct answer quickly?
http://securityadmin.info/faq.asp#netiquette
Note that this is NOT a full list of all the questions answered in the FAQ.
Chances are, your question has probably already been answered. The complete
FAQ is at:
http://securityadmin.info/faq.asp#contents
I hope this is helpful. Feedback, suggestions and criticism regarding the
FAQ are welcome and may be emailed to me.
kind regards,
Karl Levinson, CISSP, MCSE, MVP
email: levinson_k@despammed.com Tag: Driver updates Tag: 57277
What is a valid digital certificate for a file?
Hi.
When I checked the digital certificate for file "EXCEL.EXE", I saw
"Valid from 3/29/01 to 5/29/02".
Today is 7/14/2004.
If it is a certificate on Apache server, it will say "This certificate
has expired."
But Windows told me "This certificate is OK."
How can it be possible to be OK?
After I renamed the file "EXCEL.EXE" to "EXCEL123.EXE", it still says
"This certificate is OK."
The certificate protects software from alteration after publication.
If the filename is changed, is that an alteration?
If I signed a DLL with a certificate and renamed it, the DLL file's
certificate will be OK, but there is no way to use it as before.
Please let me know the true meaning of digital certificate.
Thank you, Tag: Driver updates Tag: 57276
HELP
CAN ANYONE HELP ME .. I GOT HIJACKED BY A DEMON AND IT
HAS TAKEN CONTROL OF MY MACHINE and i cant download
anything and i am very slow and can barley do anything at
all any help to find a way to free me???? Tag: Driver updates Tag: 57260
Difference
Concerning MS, define exactly what is the difference between critical
security issues and non-critical security issues in reference to updates?
When is this difference determined?
What factors determine the difference?
Who makes the final decision on which is critical and which is non-critical
security issue? Tag: Driver updates Tag: 57259
Security Update CD
I see the last one of these was released in Feb. Are
these released on a set schedule(ie quarterly)or just
whenever they feel like it? Tag: Driver updates Tag: 57254
DOS Exploit
Using Spybot Search and Destroy, I have repeatedly
encountered what is labeled a Data Source Object Exploit.
The fix temporarily removes the DOS Exploit, but it
returns, despite my attempts to manually remove it in the
Registry at:
HKEY USERS\Default\Software\Microsoft\Windows\Current
Version\Internet Settings\Zones.
There are four Zones in mine. The 1004 value highlights
and I have removed all four several times without success.
Based on information provided by Spybot S & D, I
understand that a security hole in Internet Explorer is
allowing websites to execute code without my permission.
Today, I had to remove a trojan horse: Download/Ware. I do
not know if there is a connection. I do know, however,
that I have had to remove considerably more adware and
spyware since I discovered the problem with the DOS
Exploit.
On article I read suggested renaming the 1004's to 1003's.
I am wondering if the zones may safely be deleted in there
entirety? Is there a fix, other than going to a different
browser?
My system information follows. Thanks!
tJp
Operating System Windows 98 SE (4.10.1034.2222)
Internet Explorer 6.00.2800.1106
MSN Client 9.00.0013.2101
MSN SKU MSN 9 Dial-up
Default E-mail Program MSN Explorer
Amount of Memory 319 MB
Free Disk Space C: 8.23 GB Tag: Driver updates Tag: 57253
Firewall Program Disabled After Security Updates
I am posting this here because I do not know where else to
post, and wanted this to be seen by Microsoft's Tech Support.
Today, Wednesday, June 14, 2004, I downloaded the new
security updates that I get via IE Browser updates. After
I finished with the updates, and rebooted, I happened to
look inside my McaFee Firewall listings for "Manage
programs you access on the Internet", and I noticed this:
Microsoft Help Center Hosting Server [5.1.26000.0 Blocked
I never did it, and I removed the this whole listing. This
is for your information, but I wondered if it was part of
the security updates, and if I should have left it there.
I think its the automatic updates I get notified about on
my PC with a popup balloon window. Tag: Driver updates Tag: 57249
Password problem
I have windows 2000 professional and tried to change user
name and password. After posting the new details of user
name and password I found that the system on entry showed
the old password and prompted me to input a password but
I do not know the old password. I have tried with the new
ones but cannot get access to my computer. Can anyone
help me. My e-mail is fitzbrown@aol.com. All help will be
appreciated. Regards, Michael Brown Tag: Driver updates Tag: 57248
COM Services Error
System: WinXP
Does anyone have any ideas on this situation?
Problem:
I am trying to edit default COM sercurity, I have the appropriate users in
the Access Permissions, but when I try to edit the Launch Permission Users
by going to Run-->dcomcnfg-->component services-->computers-->right click my
computer (properties)-->default COM security tab-->edit default under Launch
Permissions. When the window pops up I do not get the ability to add users
to this sections, the only thing that shows up on the window is "Unable to
display security information". Any assistance would be great, I have done
research on google groups and support.microsoft.com to no avail.
Thanks
Jim Tag: Driver updates Tag: 57247
PDA security
Hello,
Is anyone familiar in terms of the security risk when you use PDA to
synchronous your email in a financial institition environment, like bank or
insurance company?
need your guidance on this.
thanx Tag: Driver updates Tag: 57243
Using software restriction policies to prevent virus and malware - Microsoft Response needed
Will using software restriction policies help to prevent virus and malware
from getting on Windows XP professional machines? Let say I know the name
of the executable to the virus or malware, can I use a path rule to
disallowed this executable from being run on the local machine. Will this
prevent virus and malware that are started by the registry? The
documentation is very vague in describing how exactly this works.
--
Eric Sabo
NT Administrator Tag: Driver updates Tag: 57242
securing client POSTs
This is a multi-part message in MIME format.
------=_NextPart_000_0056_01C46995.9DCE19B0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
hi
someone could send to my server
invalid or malicious POSTs packets
THEN:
i go to validate "every" field
i will get with "Request".Form or Cookie
does it is appropriate ?=20
and...
if an attacker append to the post=20
"MyField" with its value
(surely a value that can break the service)
is the web server (IIS)
capable to ignore the field?
or could it be dangerous?
thanks
--=20
atte,
Hern=E1n Castelo
SGA - UTN - FRBA
------=_NextPart_000_0056_01C46995.9DCE19B0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1400" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ebf3fc>
<DIV><FONT face=3DArial size=3D2>hi</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>someone could send to my =
server</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>invalid or malicious POSTs =
packets</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>THEN:</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>i go to validate "every" =
field</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>i will get with "Request".Form or=20
Cookie</FONT><FONT face=3DArial size=3D2></FONT></DIV>
<DIV><FONT face=3DArial size=3D2>does it is appropriate =
? </FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>and...</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>if an attacker </FONT><FONT =
face=3DArial=20
size=3D2>append to the post </FONT></DIV>
<DIV><FONT face=3DArial size=3D2>"MyField" </FONT><FONT face=3DArial =
size=3D2>with its=20
value</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>(surely a value that can break the=20
service)</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>is the web server (IIS)</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>capable to ignore the =
field?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>or could it be dangerous?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>thanks</FONT></DIV>
<DIV><FONT face=3DArial size=3D2><BR>-- <BR>atte,<BR>Hern=E1n =
Castelo<BR>SGA - UTN -=20
FRBA<BR></DIV></FONT></BODY></HTML>
------=_NextPart_000_0056_01C46995.9DCE19B0-- Tag: Driver updates Tag: 57240
Blasted homepage hijaker (about:blank)
How the hell do you get rid of the Homepage hijacker
"about:blank" It's driving me nuts. antivirus software
doesn't detect it either. Any solutions? Tag: Driver updates Tag: 57235
Please Help
I am trying to open an attachment of 10.0 KB but a
message keeps coming up saying "Can not load Word for 2.0
files". What does this mean and how can I get around it? Tag: Driver updates Tag: 57225
Rogue/Suspect Anti-Spyware Products & Web Sites
http://www.spywarewarrior.com/rogue_anti-spyware.htm
~Silj
--
siljaline
MS - MVP Windows (IE/OE) AH-VSOP
________________________________
Anti-Parasite Definition Updates
http://forum.aumha.org/viewforum.php?f=31
(Reply to group, as return address
is invalid - that we may all benefit) Tag: Driver updates Tag: 57216
bridge.dll HELP!
I was was cleaning up a pc for a friend and got everthing in order, except when Adaware removed some things, it did not totally get rid of bridge.dll. I also ran a scan with Spybot, it removed a bunch of stuff too, but not the bridge.dll. The pc is a Sony Viao running XP.When you log on as one of the users, you get a rundll error message stating that it can't find bridge.dll. I did find one web site through a Google search advertising a bridge.dll removal tool. When you access the web site you download the the product and you could do a free scan, but then you would have to pay to use the cleaning tool. Does anyone have any recommendations? Thank you for your help!! Tag: Driver updates Tag: 57208
Lost URL line
I've messed up one of my settings and my URL is gone.
When ever I use Internet Explorer I get the page
requested but with no URL line to type in another web
page.
Help? Tag: Driver updates Tag: 57207
Firewalls
I was just wondering how the current Windows XP Pro firewall compares to
third party firewalls like McAfee? Also, how will the updated firewall in
SP2 stack up to third party firewalls?
Thanks Tag: Driver updates Tag: 57203
Bank Frauds
There is a new scam out there now. Be very careful when your bank emails you
purporting to be you bank's security office and asking you to verify
information regarding your account. They look very real but you are playing
into their hands by responding in any way. No bank will ask you for your
private information in response to their request.
You can call your bank at the number shown on your statement if you want to
check. Don't do anything on line in response to their request.
--
Regards,
Werner
quincey.nyc@nospam.verizon.net
Remove "Nospam" when e-mailing
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.718 / Virus Database: 474 - Release Date: 7/9/2004 Tag: Driver updates Tag: 57195
homepage hijacking
my home page is hijacked daily. A program I have
recently downloaded-SPY SEEKER- alerts me to the
hijacking and allows me to revert to my original
homepage.....how can I stop this hijacking in the
first place....the hijacker is below
http://search200.com/passthrough/index.html?
http://www.google.com.au
I am a novice and hope this prob is not to basic
for u guys....
rgds Michael Tag: Driver updates Tag: 57193
Scanning tool for KB870669?
Hi there, I am just wondering if anyone knows if Microsoft has released a scanning tool to confirm if kb870669 has been installed successfully yet on all network pc's? I am aware you can check add/remove programs but this is to be done remotely. Any help would be appreciated.
Regards
DOCNZ Tag: Driver updates Tag: 57191
cyberkrn
Hi
when I boot up my computer I get the message:
C:;PROGRA~1\CYBERM~1\CYBERKRN.VXD
I then have to press any key to continue. I figure its a
file missing but I'm having trouble identifying where the
problem lies.
many thanks Tag: Driver updates Tag: 57181
DCOM error message
"Access denied attempting to launch a DCOM Server using
DefaultLaunchPermssion."
I got this error message in the event viewer when I tried
to open up a RoboHelp help window inside my application.
The story is that I integrate the RoboHelp Context
Sensitive Help API to our shop's Visual Studio C# .net
application. All users become 'anonymous' after they
login in our application. When the user clicks on
the 'help' buttom, the DCOM error message showed up in the
event viewer. Any help would be appreciated.
Kathy Tag: Driver updates Tag: 57180
There is a new NEC-Mitsubishi monitor software driver update. What will this do when I get the update for the NEC MultiSync LCD1960NX?