I get the following dialogue box on:
+ Windows XP SP1,
+ IE 6.0.2800.1106.xpsp2.030422-1633, Updates: SP1; Q822925; Q330994;
Q828750; Q825145
"Your current security settings prohibit running ActiveX controls on
this page. As a result, the page may not display correctly."
The site shows as being in My Computer zone. Since I can't change those
settings, my security settings for Internet are:
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disable
Initialize and script ActiveX controls not marked as safe: Disable
Run ActiveX controls and plugins: Enable
Script ActiveX controls marked safe for scripting: Enable
Internet Explorer / Windows Explorer (which ever it thinks it is) shows,
"Installing components...My%20Pics.folder!malware.exe" in the status bar
at the end of execution, though the exe was never run unless it was
designed to look like a regular IE dialogue.
-Eric "MightyE" Stevens
http://lotgd.net
To reply to me, please remove "[removethis]" from my email address.
http-equiv_at_excite.com wrote:
>Sunday, January 25, 2004
>
>
>The following file is a 'folder' comprising both scripting and
>an executable [*.exe].
>
>We inject scripting and an executable into the 'folder' which is
>designed to point back to the executable in the 'folder' and
>execute it. Provided the 'folder' is an html file, Windows XP
>Explorer will execute it.
>
>Because it is an 'folder' proper, Windows Explorer opens it. The
>scripting inside is then parsed and fired. That scripting is
>pointing back to the same executable file and because it is a
>self-executing 'folder', it executes !
>
>Fully self-contained harmless *.exe.
>
>Windows XP only:
>
>
>http://www.malware.com/my.pics.zip
>
>
>Be aware of 'folders' out there.
>
>
>
>
>
Received on Jan 26 2004
Intro
