piaqt Posted June 12, 2002 Share Posted June 12, 2002 from http://www.microsoft.com/technet/treeview/...in/MS02-027.aspUnchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's Choice (Q323889)Originally posted: June 11, 2002SummaryWho should read this bulletin: Customers using Microsoft® Internet Explorer; System administrators running Microsoft Internet Security and Acceleration (ISA) Server 2000 or Microsoft Proxy Server 2.0. Impact of vulnerability: Run Code of Attacker's Choice. Maximum Severity Rating: Critical Recommendation: Customers should implement the workaround detailed in the FAQ. Affected Software: Microsoft Internet Explorer Microsoft Proxy Server 2.0 Microsoft ISA Server 2000 Implement the work-around manually by following the steps listed below: Open Internet Explorer "Tools" and select "Internet Options" Click on the "Connections" Tab Click on the "LAN Settings..." button Uncheck “automatically detect settings” If "automatic configuration script" is set, check with your administrator if gopher server is called out. Check the "Use proxy server for your LAN..." Checkbox Click on the "Advanced..." button Ensure “use the same proxy server for all protocols” is unchecked. In the "Proxy addresses to use" textbox next to the word Gopher, Type "LocalHost" In the "Port" textbox next to the Gopher protocol, Type "1" Click 'OK' until the Internet Options Menu disappears. Link to comment Share on other sites More sharing options...
Flash Posted June 13, 2002 Share Posted June 13, 2002 Yeah, they have released a patch for it now. I recieved it by Windows Update and XP started the donwload for me, it is now installed Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now