IE Critical Updates - Did what?

Discussion in 'Windows Desktop Systems' started by Powerchordpunk, Mar 30, 2002.

  1. Know I know that the patch fixed the cookie execution vulnerability in IE 5-6, where a cookie could run executables, but did the patch also fix the vulnerability where a webpage script could launch a known file on a system? I installed the patch, rebooted, and everything was successful, but when I tested the vulnerability with the script in a webpage set to run logoff.exe, I was still logged off. I installed the patch, hoping that that was the solution to the almost infamous NT/2000 "logoff vulnerability" but for me nothing has been changed. WTF?? Oh yeah. I'm also dumb and my mom's birthday is on April 14th.
     
  2. Qumahlin

    Qumahlin Moderator

    Messages:
    2,006
    The patch didn't address active scripting..it addressed cookies executing files, and sites using javascript redirection..and it repatched the previous patches cause they didn't truly work 100% =oP