Comments on: IE 7 Exploit Reloaded: The new face of Drive-by Attacks using Doc files http://blogs.mcafee.com/mcafee-labs/ie-7-exploit-reloaded-the-new-face-of-drive-by-attacks-using-doc-files Wed, 23 May 2012 15:26:06 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Donna http://blogs.mcafee.com/mcafee-labs/ie-7-exploit-reloaded-the-new-face-of-drive-by-attacks-using-doc-files/comment-page-1#comment-21019 Donna Fri, 26 Jun 2009 14:10:17 +0000 http://www.labs.com/research/blog/?p=770#comment-21019 I have three unwanted programs to report to the Advert Lab, how do I completely get rid of them. Macaffee cannot remove these programs. Scarey because I just had my computer cleaned out and I don't want any viruses in it. Thank You. That is why I purchase this protection. I have three unwanted programs to report to the Advert Lab, how do I completely get rid of them. Macaffee cannot remove these programs. Scarey because I just had my computer cleaned out and I don’t want any viruses in it. Thank You. That is why I purchase this protection.

]]> By: Dan http://blogs.mcafee.com/mcafee-labs/ie-7-exploit-reloaded-the-new-face-of-drive-by-attacks-using-doc-files/comment-page-1#comment-21011 Dan Fri, 19 Dec 2008 16:43:14 +0000 http://www.labs.com/research/blog/?p=770#comment-21011 >This control stores configuration data for the policy setting Microsoft Scriptlet Component. What does this mean? This GUID appears to represent the scriptlet component itself. The Scriptlet component itself is based on IE, so when you patch IE, it is patched. So if you install the IE patch, then Word is protected. So why both attacking Word instead of just attacking directly through IE? >This control stores configuration data for the policy setting Microsoft Scriptlet Component.

What does this mean? This GUID appears to represent the scriptlet component itself.

The Scriptlet component itself is based on IE, so when you patch IE, it is patched. So if you install the IE patch, then Word is protected. So why both attacking Word instead of just attacking directly through IE?

]]> By: JCR http://blogs.mcafee.com/mcafee-labs/ie-7-exploit-reloaded-the-new-face-of-drive-by-attacks-using-doc-files/comment-page-1#comment-21009 JCR Wed, 17 Dec 2008 19:45:41 +0000 http://www.labs.com/research/blog/?p=770#comment-21009 MS has got to get rid of ActiveX! Clearly MS is incapable of making the technology safe (or they would have accomplished that after all of these years of trying)! And, whay in the heck does MS install (and worse...require) browsers on servers anyway? There should never be a browser installed on a server device! MS has got to get rid of ActiveX! Clearly MS is incapable of making the technology safe (or they would have accomplished that after all of these years of trying)! And, whay in the heck does MS install (and worse…require) browsers on servers anyway? There should never be a browser installed on a server device!

]]>