download.ject and adodb.stream


The security team has released an update to disable adodb.stream in Internet Explorer.  It will be on windows update or you can download it here.  For further reading, the technical details page has also been updated. 

Comments (8)

  1. The patches for the recent IE flaws are out.

  2. David Candy says:

    If someone can explain to me why popup blockers ae=re necessary. I get two to three popups per day. Hardly onerous.

    After swearing at IE again, as I do all day, fix the windowing code.

    1. Blank windows. This is where the frame is drawn but the object in the frame is slow to initialise. It appears as if an IE window is not on top (which it is but invisable, except for the frame, for a while) as one can see the window beneath it in the Z-Order.

    2. Windows taking focus. EG open, then minimise 15 google windows as each page finishes loading it comes to the top.

    3. Consistant focus. EG opening google 1/2 the time the text box has focus and the other 1/2 it doesn’t, even though the text cursor is blinking saying it has.

    To some degree these types of problems were introduced in IE4 and fixes since have only made it worse. Yet MS focuses on making porn sites more convienent to visit (that’s what popup blockers do isn’t it).

  3. xymon says:

    Pop-up blockers are about being able to visit pirate-mp3 sites WITHOUT having to see porn banners =p

  4. Will says:

    Well, at least according to the media, people are annoyed with pop-ups.

    The number of pop-ups probably has some bearing with the amount of spyware they have on their computers, though.

    Pr0n sites? What is this pr0N I keep hearing about? I haven’t seen a pr0n pop-up for ages, not that I visit pr0n sites, of course… :)

  5. Owen says:

    Uh right. This will stop the exploit for about 2 seconds until they realize they can rout it to shell.

  6. jeffdav says:

    There is a full patch now that fixes the underlying problem in IE.

  7. Roger Fielding says:

    Um no, it doesn’t. Several security agencies have commented on this. There is no routing around this problem. It’s built into the system. The only way to get rid of it altogether is to remove IE from the OS entirely.

    All you did was sidestep it… not fix it.