|
| Latest News | Instant Messaging | Bugs 'n Stuff | Internet Explorer | Firewalls | Virus - Trojan |
 |
|
Click banner above for complete website from $300 any kind of site including e-commerce - sell on line and make extra money - web hosting $5 a month ...great deal.. |
What you always wanted to know about Internet Explorer..( but didn't know where to ask )...
First of all, I don't have a bone to pick with Microsoft's Internet Explorer program.
Internet Explorer is a very complex piece of software that enables most of us to see, hear and talk to each other on the internet. That being said, and credit given for the application's abilities - there are a few problems associated with Internet Explorer...
Internet Explorer's integration to the desktop opens a path to hackers. I believe that this desktop integration was designed to force Internet Explorer's use and so does the U.S. Department of Justice, hence the anti-trust action pending against Microsoft. Seems what was thought of as a marketing ploy turned out to be a giant security problem. Perhaps Internet Explorer 7 will address these issues.
I have run a program called IE eradicator, ieradicator.html, it removes the features that integrate the desktop, active desktop and DDE functions in the Internet Explorer (IE4 and IE4fixie). My experience is that after you reinstall the Internet Explorer minus the desktop integration, you will be fixing a lot of other things. Unless you have a lot of knowledge in tweeking and configuring Windows, don't do this. The exception would be in the case of a corrupted or hacked Internet Explorer. Using IE eradicator makes sense if the browser is trashed, as the alternatives in editing the system registry are so time consuming and require a level of skill that the average user does not possess.
What to try first if Internet Explorer is giving you problems.
Go to start/run and call up SFC.EXE run the system file checker and restore any corrupted file from the original Windows CD rom or from C:\WINDOWS\OPTIONS\CABS.
Go to start/run and call up MSINFO32.EXE in a 9x platform (win 95,98,me) in the tools heading hopefully you will find the internet repair tool. Try running the repair tool and see if Internet Explorer can heal itself.
Another alternative is to go to C:\Program Files\Internet Explorer\ie6setup and try to re-run the setup in the hope that a new set up will overwrite the bad files causing the problem.
It's also a good idea to delete all of the temporary files. This may be done with Internet Explorer's Internet Options tool - found in your control panel. While you are at it delete the history and cookies (there is a button for that now in Internet Explorer 6 whoopie! ). If you click on settings the second screen will allow you to view objects. These are activeX controls that give permissions to other computers to control certain aspects of your computer. These can be checked by right clicking on them and viewing their properties. General rule: If an object has a number instead of a name that you recognise as being from a website that you use; it is suspect. Before you delete (remove) any unknown or questionable activeX object, record it's ID ex: ({02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}). In the event that the object can not be removed properly in the internet options menu, by saving the class ID, there will be a way to find it and delete it from the registry.
Modifying Internet Explorer
Registry Speed Tweek for Internet Explorer
Multi-Streaming IE By adding a new D-WORD value to the windows registry you can increase the maximum number of connections that IE can make. Note: this involves modification of the registry, be sure to back up the current registry file!
The registry keys to be changed are:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Add the following D-WORD values:
max connections value=6 (select decimal for the number)
MaxConnectionsPerl_OServer=6
Now Internet Explorer will load 6 files at the same time instead of the default 2. This tweek will work best with high speed connections (Cable, DSL, T-1).
News on Internet Explorer
Yahoo Java Chat with Windows XP using SUN VM SDK
I recently had the pleasure of reformatting a computer with XP, isn't Windows a wonderful thing ( haha ). Unfortunately, due to all of the lawsuits between Sun and Microsoft, they java virtual machine was nowhere to be found on Microsoft's XP download site (AGAIN!). So off to www.sun.com to get a virtual machine.
Of course, when I went to load the java chat at Yahoo, the wonderful activeX stuff didn't work !!
Here is the fix! ::: Load the java 2.0 then change the URL ending from =2 to =1 , then click GO and load the new URL and the sun VM works at Yahoo WITH VOICE TOO!!
Invasion of the Browser Snatchers..[or what happened to my Internet Explorer?]
Here is the latest home page switch scam by a hostile website...
Lincoln Spector, special to PCWorld.com
Thursday, February 14, 2002
.....{"I suppose I should learn to type better," he says. But a typo that took him to mycpworld.com was only the beginning of his troubles. He soon discovered that this porn site was now both his home and default search page. He changed the settings back in Internet Explorer. But with his next system boot, www.mycpworld.com was back.
PC consultant Rod Ream first saw this condition on a client's system in January. He believes it was made from the Js_exception.gen JavaScript Trojan Horse. "It's a kit," intended for setting up such aggressive Web sites, Ream explains. "Webmasters can tailor this to do different manipulations." Whoever created the site, "picked some stuff that other people haven't chosen," Ream says}......
pcworld.comGeorgi Guninski security advisory - IE GetObject() problems
IE security guru Georgi Guninski has found a new activeX problem in patched versions of IE. Seems that a hostile website can read local files on a visitors machine (again). Moral of the story, don't store credit card numbers or other sensitive data in a Windows box accessing the internet. Restrict use to https (ssl) servers only. Read artice on bad certificates below (man in middle attack), posted earlier...
guninski.com"Damaged" ActiveX Control file when installing SUNmicro JAVA 1.3.1
When you install version 1.3.1_
of the Java Runtime Environment, the ActiveX Control file at C:\Winnt\Downloaded Program Files\Java Runtime Environment 1.3.1_ will have a status of "Damaged." This is merely a cosmetic issue, and the "Damaged" status should have no adverse affect in any situation. Nevertheless, there is a workaround if for some reason you cannot have a status of damaged. Go to "Start -> Run" and type in "regedit". From the regedit windows, navigate to the registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\8AD9C840-044E-11D1-B3E9-00805F499D93\DownloadInformation". Double-click on the INF string and delete the highlighted string under "Value data". The ActiveX Control file will have a status of "Installed."
java.sun.comVulnerability in IE's SSL Certificate handling allows undetected SSL Man-In-The-Middle attacks
"A flaw in Microsoft Internet Explorer allows an attacker to perform a SSL Man-In-The-Middle attack without the majority of users recognising it. In fact the only way to detect the attack is to manually compare the server name with the name stored in the certificate. "
security.e-matters.deNEW--11, February, 2002 Cumulative Patch for Internet Explorer
Microsoft claims that the new patch will correct the following flaws:
A vulnerability associated with the GetObject scripting function. Before providing a handle to an operating system object, GetObject performs a series of security checks to ensure that the caller has sufficient privileges to it. However, by requesting a handle to a file using a specially malformed representation, it would be possible to bypass some of these checks, thereby allowing a web page to complete an operation that should be prevented, namely, reading files on the computer of a visiting user’s system.A vulnerability related to the display of file names in the File Download dialogue box. When a file download from a web site is initiated, a dialogue provides the name of the file and lets the user choose what action to take. However, a flaw exists in the way HTML header fields (specifically, the Content-Disposition and Content-Type fields) are handled. This flaw could make it possible for an attacker to misrepresent the name of the file in the dialogue, in an attempt to trick a user into opening or saving an unsafe file.
A vulnerability that could allow a web page to open a file on the web site, using any application installed on a user’s system. By design, IE should only open a file on a web site using the application that’s registered to that type of file, and even then only if it’s on a list of safe applications. However, through a flaw in the handling of the Content-Type HTML header field, an attacker could circumvent this restriction, and specify the application that should be invoked to process a particular file. IE would comply, even if the application was listed as unsafe.
A vulnerability that could enable a web page to run a script even if the user has disabled scripting. IE checks for the presence of scripts when initially rendering a page. However, the capability exists for objects on a page to respond to asynchronous events; by misusing this capability in a particular way, it could be possible for a web page to fire a script after the page has passed the initial security checks.
A newly discovered variant of the "Frame Domain Verification" vulnerability discussed in Microsoft Security Bulletin MS01-058. The vulnerability could enable a malicious web site operator to open two browser windows, one in the web site’s domain and the other on the user’s local file system, and to use the Document.open function to pass information from the latter to the former. This could enable the web site operator to read, but not change, any file on the user’s local computer that could be opened in a browser window. In addition, this could be used to mis-represent the URL in the address bar in a window opened from their site.
microsoft.com/windows/ie/downloads/critical/q316059please visit our Latest News page for system updates and current postings
Home page !