Bugtraq mailing list archives
Re: Can we prevent IE exploits a priori?
From: <bugtraq223344 () mailinator com>
Date: 12 Jul 2004 02:17:28 -0000
So I wanted to know, has anyone tried these programs successfully? Can anyone validate their claims? Better yet, does anyone have a link to a "how to" doc, that tells smart geeks how to make the registry changes ourselves, so we don't have to rely on some program to do it for us?
How about this: a sandbox that you can run IE in, controling things like: -ShellExecute() calls such that only selected programs can be started by IE, say Notepad, Real Player, but not the MS-Help tool? -truly prevents Java Script from running (IE had bugs in the past that allowed running javascript-code even if it was turned of) -Only allow selected activeX controls to load (acrobat reader etc.) -Deny TCP connections to certain sites etc. etc. http://www.heise.de/ct/ftp/projekte/iecontroller/ This software is free, sourcecode available (though not GPL!), but unfortunately the documentation is in German. It was build by one of the German computer magazines (c't). If anybody is truly bored and speaks German, a GPLed version of this would be incredibly useful. I also think that can do more than some registry hacks. -Markus
Current thread:
- Can we prevent IE exploits a priori? security-bugtraq (Jul 07)
- RE: Can we prevent IE exploits a priori? James C Slora Jr (Jul 08)
- Re: Can we prevent IE exploits a priori? Thor Larholm (Jul 09)
- <Possible follow-ups>
- RE: Can we prevent IE exploits a priori? Drew Copley (Jul 07)
- Re: Can we prevent IE exploits a priori? Jason Coombs (Jul 09)
- Re: Can we prevent IE exploits a priori? bugtraq223344 (Jul 16)