g3ppb
Content Type
Profiles
Forums
Events
Posts posted by g3ppb
-
-
What is going on here?
I wish to try IE7 beta3 and end up at this page...
http://www.microsoft.com/windows/ie/downloads/default.mspx
The first download link points to "switch.atdmt.com" and my Avant Browser is totally blank because I have locked it down for ALL untrusted sites as recommended by Steve Gibson of Security Now, Edition #38. Since adopting this policy, I have never received one virus or malware.
"atdmt" rang a bell and a Google search has many references to removing this malware.
Why would Microsoft use a download site that is notorious for malware? What is wrong with MS own servers?
0 -
Thanks to all who replied.
First I tried nLite after installing the whopping .NET Framework 2 ;-(
Started OK but after SP2 update, I selected the KB885835 update first which generated the warning
message that there was an earlier update. So I selected the first after SP2 (KB87 3333) and it still
issued the warning. I guess you can't use the numerical KB order...also it is only possible to select
one at a time. Will take forever with 49 updates & trial and error!
At that point I uninstalled it along with .NET Framework.
I started fresh using the IcemanND script, and ended up with 730,936,843 bytes.
I then then deleted the stuff mentioned here but leaving the LANG folder
... http://unattended.msfn.org/unattended.xp/view/web/57/
Now I have 537,724,206 so no problems burning to a CD.
I have 49 updates including SP2. I have removed those (that I know of) that have been superseded
by subsequent updates (cumulative for IE6), but I have probably got more than I need. M$ is not always
clear in its KB articles when previous updates can be removed. My list up to Feb 14, 2006 is below.
KB83 5935 XP SP2 Final build 2180 signed off August 6, 2004
KB87 3333 Vulnerability in OLE and COM could allow remote code execution
KB87 3339 Vulnerability in HyperTerminal could allow code execution
KB88 4020 IP loopback address problem, other than 127.0.0.1
KB88 5250 Vulnerability in server message block could allow remote code execution
KB88 5835 Vulnerabilities in Windows Kernel and LSASS could allow elevation of privilege. 1ST AFTER SP2
KB88 5836 Vulnerability in WordPad could allow code execution
KB88 5884 Critical Update for Office XP on Windows XP SP2
KB88 6185 critical update for Windows Firewall "My Network (subnet) only" scoping in SP2
KB88 7472 security update to Microsoft Windows Messenger v4.7 & v5.0
KB88 7742 Stop 0x05 (INVALID_PROCESS_ATTACH_ATTEMPT) error in SP2
KB88 7797 cumulative update for Outlook Express
KB88 8113 Vulnerability in Hyperlink Object Library could allow remote code execution
KB89 0046 Vulnerability in Microsoft agent could allow spoofing
KB89 0047 Vulnerability in Windows shell could allow remote code execution
KB89 0175 Vulnerability in HTML Help could allow code execution
KB89 0859 Vulnerabilities in Windows kernel could allow elevation of privilege and DoS
KB89 1781 Vulnerability in the DHTML editing component ActiveX control
KB89 3066 Vulnerabilities in TCP/IP could allow remote code execution and DoS
KB89 3086 Vulnerability in Windows Shell that could allow remote code execution
KB89 3756 a Vulnerability in the Telephony Application Programming Interface (TAPI)
KB89 3803 Windows Installer 3.1
KB89 4391 DBCS attachment file names are not displayed in Rich Text e-mail messages
KB89 6358 Vulnerability in HTML Help could allow remote code execution
KB89 6422 Vulnerability in Server Message Block could allow remote code execution
KB89 6423 a Vulnerability in the Print Spooler service
KB89 6424 c Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution
KB89 6428 Vulnerability in Telnet client could allow information disclosure
KB89 8461 Package Installer for Windows version 6.1.22.4
KB89 9587 a Vulnerabilities in Kerberos could allow DoS, information disclosure, and spoofing
KB89 9588 a Vulnerability in the Plug and Play service
KB89 9589 b Vulnerability in the Client Service for NetWare could allow remote code execution
KB89 9591 a Vulnerability in the Remote Desktop Protocol (RDP)
KB90 0725 b Vulnerabilities in the Windows shell could allow for remote code execution
KB90 0930 Outlook Express 6.0 issues : begin in subject line; newsgroup threads
KB90 1017 b Vulnerability in the Microsoft Collaboration Data Objects could allow code execution
KB90 1214 Vulnerability in Microsoft Color Management Module
KB90 2400 b Vulnerabilities in MS DTC and COM+ could allow remote code execution
KB90 4706 b Vulnerability in DirectShow could allow remote code execution
KB90 5414 b Vulnerability in Network Connection Manager could allow denial of service
KB90 5749 b Vulnerability in Plug & Play could allow remote code execution & local elevation of privilege
KB90 5915 e Cumulative Security Update for Internet Explorer for Windows XP
KB90 8519 g Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution
KB91 0437 e Fixes Access Violation error in Windows Update and Automatic Updates
KB91 1564 h Windows Media Player security update for non IE browsers
KB91 1565 h Windows Media Player security update
KB91 1927 h Vulnerability in Web Client
KB91 2919 f Vulnerability in graphics rendering engine (wmf files) could allow remote code execution
KB91 3446 h Vulnerability in TCP/IP could allow Denial of Service attack
Total 49 files
dates released
a - 9Aug05 b - 11Oct05 c - 8Nov05 d - 26Nov05 e - 13Dec05 f - 6Jan06
g - 10Jan06 h - 14Feb06
OK I can see some unnecessary updates but better to be safe than sorry. Any feedback welcomed.
Thanks.
0 -
I have built the image for Windows XP Pro + SP2 + updates up to & including Februaty 2006 using
the update.cmd batch file kindly provided by IcemanND on Feb 26 2005, 02:58 AM at the link below...
http://www.msfn.org/board/index.php?showto...15entry279415
Up to now, no problem fitting the image on 1 bootable CD but now Nero Burning ROM v6.6 reports
"too much data". Required is 711 MB and available on disc is 703 MB. Using Datawrite 80 CD-R media.
Tried "write overburn disc" in Disc-at-once mode but failure at end of burn.
Can anyone suggest best way to reduce the image size, for example, I don't use TabletPC so can I safely
delete this folder? Any other large files? I have not included extras like Windows Media Player 10, etc.
I guess I could use a DVD-R if it is not advisable to remove any files. Up to now I have used a CD-RW to
update the image every few months, but no more ;-(
Any suggestions appreciated.
0
IE7 Beta3 download page is known malware offender!
in Windows XP
Posted
Presently running IE6 (with latest updates + Avant front end) and Windows Defender, hence security is locked up tight, except for "trusted sites".
Agree about AV companies promoting sales by hyping up risks, however my AVG has popped up with virus warning when directed to some sites while researching info & tools for WinPE.
Agree some AV progs really slow down the system (or contribute to crashes) so are permanently banned from my systems. No such problem with Grisoft AVG.
Agree the atdmt download site is probably safe but how many would be willing to risk it after the bad publicity?
I would rather be paranoid and clean, than open and infected!
Thanks for link, downloaded and installed IE7 b3, now testing, so far, so good.
Hopefully I can now relax some restrictions without the previous risk from malware.