I noticed that after installing the KB890047 patch, referenced
http://www.microsoft.com/technet/sec.../ms05-008.mspx
and
http://www.cve.mitre.org/cgi-bin/cve...=CAN-2005-0053, one of the
fixes is to disable file operations using file/explorer dialogs. Not correct
it, but disable it.
"Microsoft Internet Explorer running on Microsoft Windows Server 2003,
Windows XP, and Windows 2000 could allow a remote attacker to gain elevated
privileges and download a file to a target location on the victim's system.
The dialog box that asks for the victim's approval for the download is not
displayed to the user."
Basically when a file/open dialog is presented to the user, they may
drag/drop files to/from other instances of explorer windows or even drag/make
copies by using the mouse. (I discovered, ironically it seems, of this even
on a review about what OSX and Linux need to adapt for windows users).
With this patch installed, this feature is disabled. Users have to change
their behavior with their applications (corel wp, others). I doubt it was
done by accident, but just disabling a long used feature like this... so I'm
hoping that there's an option consideration somewhere. After all it is a
seasoned, longtime used operation.
Is there anyway to re-enable this with a registry key/dll until it's fixed?
Similar Threads
Linear Mode
