Full Disclosure mailing list archives
Can CERT VU#786920 be right?
From: Paul Szabo <psz () maths usyd edu au>
Date: Wed, 18 Jul 2007 21:25:18 +1000
I sent the following to CERT (a few hours ago, no reply yet):
In http://www.kb.cert.org/vuls/id/786920 you wrote: Disabling the AIM protocol handler will mitigate this vulnerability. To unregister the protocol handlers, delete or rename the following registry keys: HKEY_CLASSES_ROOT\AOL I believe that renaming that key does NOT unregister the handler. Windows looks for registry values of "URL Protocol" (almost?) anywhere within the registry, not just (directly) under HKCR. And anyway, how would renaming AOL to XYZ affect the AIM handler...
Now I wonder if they can in fact be right... please enlighten me. Cheers, Paul Szabo psz () maths usyd edu au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Can CERT VU#786920 be right? Paul Szabo (Jul 18)
- Re: Can CERT VU#786920 be right? Steven Adair (Jul 18)
- <Possible follow-ups>
- Re: Can CERT VU#786920 be right? CERT(R) Coordination Center (Jul 18)