RE: dso exploit



dot
07-09-2005, 11:52 PM
hi there, i to have this problem, i run service pack2 ie6 automatic live
update so thought i'd be fine, checked with your page below guess what it
told me i was not protected and to dowmload and install until m/soft had a
patch available do i leave it at this cheers
dot

"MAP" wrote:

>
>
> "Headtheball" wrote:
>
> > Cana anybody tell me what this means and is it a threat? Everytime I run
> > spybot S&D I get this problem. I saved the results as below
> >
> > DSO Exploit: Data source object exploit (Registry change, nothing done)
> > HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet
> > Settings\Zones\0\1004!=W=3
> >
> > DSO Exploit: Data source object exploit (Registry change, nothing done)
> > HKEY_USERS\S-1-5-21-1417001333-1292428093-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet
> > Settings\Zones\0\1004!=W=3
> >
> > DSO Exploit: Data source object exploit (Registry change, nothing done)
> > HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet
> > Settings\Zones\0\1004!=W=3
> >
> > DSO Exploit: Data source object exploit (Registry change, nothing done)
> > HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet
> > Settings\Zones\0\1004!=W=3
> >
> > DSO Exploit: Data source object exploit (Registry change, nothing done)
> > HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet
> > Settings\Zones\0\1004!=W=3
> >
> >
> >
> >
>
> DSO exploit is a very old exploit that has been patched by a microsoft
> hotfix along time ago.If you are current with windows update you have no need
> to worry about it.This report will be fixed in a later update of Spybot
> S&D.You can add the DSO exploit to the ignore list in Spybot.
> Or if you would like to double check weather this exploit still exists on
> your system the link below will take you to a download of a DSO checker and
> blocker.
>
> http://nsclean.com/dsostop.html

Roger Abell
07-09-2005, 11:52 PM
It is unclear by what software you are being told that
your machine is vulnerable.
As was said in what you quote, the DSO exploit was
patched very, very long ago.

--
Roger Abell
Microsoft MVP (Windows Security)
MCSE (W2k3,W2k,Nt4) MCDBA
"dot" <dot@discussions.microsoft.com> wrote in message
news:A80C76F6-30F6-43D9-8B66-CF7053157DEE@microsoft.com...
> hi there, i to have this problem, i run service pack2 ie6 automatic live
> update so thought i'd be fine, checked with your page below guess what it
> told me i was not protected and to dowmload and install until m/soft had a
> patch available do i leave it at this cheers
> dot
>
> "MAP" wrote:
>
> >
> >
> > "Headtheball" wrote:
> >
> > > Cana anybody tell me what this means and is it a threat? Everytime I
run
> > > spybot S&D I get this problem. I saved the results as below
> > >
> > > DSO Exploit: Data source object exploit (Registry change, nothing
done)
> > >
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet
> > > Settings\Zones\0\1004!=W=3
> > >
> > > DSO Exploit: Data source object exploit (Registry change, nothing
done)
> > >
HKEY_USERS\S-1-5-21-1417001333-1292428093-682003330-1004\Software\Microsoft\
Windows\CurrentVersion\Internet
> > > Settings\Zones\0\1004!=W=3
> > >
> > > DSO Exploit: Data source object exploit (Registry change, nothing
done)
> > >
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet
> > > Settings\Zones\0\1004!=W=3
> > >
> > > DSO Exploit: Data source object exploit (Registry change, nothing
done)
> > >
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet
> > > Settings\Zones\0\1004!=W=3
> > >
> > > DSO Exploit: Data source object exploit (Registry change, nothing
done)
> > >
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet
> > > Settings\Zones\0\1004!=W=3
> > >
> > >
> > >
> > >
> >
> > DSO exploit is a very old exploit that has been patched by a microsoft
> > hotfix along time ago.If you are current with windows update you have no
need
> > to worry about it.This report will be fixed in a later update of Spybot
> > S&D.You can add the DSO exploit to the ignore list in Spybot.
> > Or if you would like to double check weather this exploit still exists
on
> > your system the link below will take you to a download of a DSO checker
and
> > blocker.
> >
> > http://nsclean.com/dsostop.html


RE: dso exploit