From: "Gary Britt" 

What do they mean by the webview folder icon ??

Gary

"Geo"  wrote in message news:451fd27b{at}w3.nls.net...
> New browser exploit is being used to infect a whole lot of people, links
> and
> fix below
>
> Geo.
>
> SANS diary:
> http://isc.sans.org/diary.php?storyid=1742
>
>
> Determina has released a free, downloadable fix for the WebFolderIcon
> setSlice
> vulnerability. This standalone fix for Internet Explorer will prevent this
> critical vulnerabilty from being exploited until Microsoft is able to
> issue
> a
> patch. Desktop users without proactive protection against vulnerability
> exploits
> may consider installing this fix if they believe they might have exposure
> to
> web-based attacks.
>
> The fix can be downloaded from http://www.determina.com/security.research/
> and
> includes full source code. The fix applies to all versions of Windows
> 2000,
> XP
> and 2003. The fix patches the flawed code in memory when a vulnerable
> version of
> the ActiveX control in Internet Explorer is running, without affecting any
> files
> on disk or disabling any browser functionality. It should also not
> interfere
> with the installation of a Microsoft patch when one becomes available.
>
> We're also researching additional exploitation vectors. The underlying
> cause
> of
> the setSlice vulnerability is an integer overflow in COMCTL32.DLL, a core
> Windows component used by a large number of applications. The
> WebViewFolderIcon
> ActiveX control is most likely only one of the attack vectors for this
> vulnerability.
>
>
> Alex Sotirov
>
> Security Research
> Determina Inc.
>
>

--- BBBS/NT v4.01 Flag-5