Disabling ADODB.Stream could break applications ?

  • Thread starter Thread starter Guest
  • Start date Start date
Toggle sidebar Toggle sidebar
Archived from groups: microsoft.public.win2000.security (More info?)

"Marlon Brown" <MarlonBrown@discussions.microsoft.com> wrote in message news:CA660C93-06D1-42E3-BED7-A97C8DCA811F@microsoft.com...
> Does the regkey change suggested by KB article
> http://support.microsoft.com/default.aspx?kbid=870669
>
> has potential to 'break' legitimate applications that use ADODB.Stream to save files to locally ? Just wondering... not sure if
decent applications are using that feature these days.


As far as I am concerned THERE ARE NO LEGITAMITE APPLICATIONS THAT USE THIS FEATURE!
Shame on Microsoft for allowing any website operator to read/write any file on my system and call it a feature!
I think it is time for some people in charge of these things at microsoft to find employment elsewhere, and have
some people with a few ounces of sense start designing the products that they ship out the door.
 
Archived from groups: microsoft.public.win2000.security (More info?)

On Fri, 2 Jul 2004 11:33:03 -0700, Marlon Brown
<MarlonBrown@discussions.microsoft.com> wrote:

>Does the regkey change suggested by KB article
>http://support.microsoft.com/default.aspx?kbid=870669
>
>has potential to 'break' legitimate applications that use ADODB.Stream to save files to locally ? Just wondering... not sure if decent applications are using that feature these days.

On intranets, it could be quite common.

Jeff
 
Archived from groups: microsoft.public.win2000.security (More info?)

Ok, so I guess this will demand an extensive testing then.


"Jeff Cochran" <jeff.nospam@zina.com> wrote in message
news:40eccaa7.633327546@msnews.microsoft.com...
> On Fri, 2 Jul 2004 11:33:03 -0700, Marlon Brown
> <MarlonBrown@discussions.microsoft.com> wrote:
>
> >Does the regkey change suggested by KB article
> >http://support.microsoft.com/default.aspx?kbid=870669
> >
> >has potential to 'break' legitimate applications that use ADODB.Stream to
save files to locally ? Just wondering... not sure if decent applications
are using that feature these days.
>
> On intranets, it could be quite common.
>
> Jeff
 
Archived from groups: microsoft.public.win2000.security (More info?)

On Fri, 2 Jul 2004 15:15:26 -0400, "BeamGuy" <nobody@SPAM.com> wrote:

>
>"Marlon Brown" <MarlonBrown@discussions.microsoft.com> wrote in message news:CA660C93-06D1-42E3-BED7-A97C8DCA811F@microsoft.com...
>> Does the regkey change suggested by KB article
>> http://support.microsoft.com/default.aspx?kbid=870669
>>
>> has potential to 'break' legitimate applications that use ADODB.Stream to save files to locally ? Just wondering... not sure if
>decent applications are using that feature these days.
>
>
>As far as I am concerned THERE ARE NO LEGITAMITE APPLICATIONS THAT USE THIS FEATURE!
>Shame on Microsoft for allowing any website operator to read/write any file on my system and call it a feature!
>I think it is time for some people in charge of these things at microsoft to find employment elsewhere, and have
>some people with a few ounces of sense start designing the products that they ship out the door.

Not every website is on the internet. Intranets often make use of
these types of features, and Microsoft does support corporate networks
I believe.

I'm assuming from your outrage that you don't use Microsoft products
anymore, correct?

Jeff
 
Archived from groups: microsoft.public.win2000.security (More info?)

Also, a website does not even need to be involved
for an application to use Ado, not that this is any sort
of excuse for IE's failure to contain properly.

--
Roger Abell
Microsoft MVP (Windows Server System: Security)
MCSE (W2k3,W2k,Nt4) MCDBA
"Jeff Cochran" <jeff.nospam@zina.com> wrote in message
news:40edcad9.633376987@msnews.microsoft.com...
> On Fri, 2 Jul 2004 15:15:26 -0400, "BeamGuy" <nobody@SPAM.com> wrote:
>
> >
> >"Marlon Brown" <MarlonBrown@discussions.microsoft.com> wrote in message
news:CA660C93-06D1-42E3-BED7-A97C8DCA811F@microsoft.com...
> >> Does the regkey change suggested by KB article
> >> http://support.microsoft.com/default.aspx?kbid=870669
> >>
> >> has potential to 'break' legitimate applications that use ADODB.Stream
to save files to locally ? Just wondering... not sure if
> >decent applications are using that feature these days.
> >
> >
> >As far as I am concerned THERE ARE NO LEGITAMITE APPLICATIONS THAT USE
THIS FEATURE!
> >Shame on Microsoft for allowing any website operator to read/write any
file on my system and call it a feature!
> >I think it is time for some people in charge of these things at microsoft
to find employment elsewhere, and have
> >some people with a few ounces of sense start designing the products that
they ship out the door.
>
> Not every website is on the internet. Intranets often make use of
> these types of features, and Microsoft does support corporate networks
> I believe.
>
> I'm assuming from your outrage that you don't use Microsoft products
> anymore, correct?
>
> Jeff
 
Archived from groups: microsoft.public.win2000.security (More info?)

Extensive only if you have web-based apps that use Ado,
as they then might have used this to persist info locally.

--
Roger Abell
Microsoft MVP (Windows Server System: Security)
MCSE (W2k3,W2k,Nt4) MCDBA
"Marlon Brown" <marlon_brownj@hotmail.com> wrote in message
news:e72G05HYEHA.2964@TK2MSFTNGP10.phx.gbl...
> Ok, so I guess this will demand an extensive testing then.
>
>
> "Jeff Cochran" <jeff.nospam@zina.com> wrote in message
> news:40eccaa7.633327546@msnews.microsoft.com...
> > On Fri, 2 Jul 2004 11:33:03 -0700, Marlon Brown
> > <MarlonBrown@discussions.microsoft.com> wrote:
> >
> > >Does the regkey change suggested by KB article
> > >http://support.microsoft.com/default.aspx?kbid=870669
> > >
> > >has potential to 'break' legitimate applications that use ADODB.Stream
to
> save files to locally ? Just wondering... not sure if decent applications
> are using that feature these days.
> >
> > On intranets, it could be quite common.
> >
> > Jeff
>
>
 
Archived from groups: microsoft.public.win2000.security (More info?)

> I'm assuming from your outrage that you don't use Microsoft products
> anymore, correct?
>
I want to thank microsoft for giving me enough of a boot in the pants
that I got out of my chair and tried something else. It is not perfect,
but I doubt that they will sit around waiting for a spammer to take
advantage of their users using a 10 month old security hole.

http://forbes.com/infoimaging/2004/02/04/cx_ah_0204tentech.html
 
Archived from groups: microsoft.public.win2000.security (More info?)

BeamGuy wrote:
> "Marlon Brown" <MarlonBrown@discussions.microsoft.com> wrote in
> message news:CA660C93-06D1-42E3-BED7-A97C8DCA811F@microsoft.com...
>> Does the regkey change suggested by KB article
>> http://support.microsoft.com/default.aspx?kbid=870669
>>
>> has potential to 'break' legitimate applications that use
>> ADODB.Stream to save files to locally ? Just wondering... not sure
>> if
> decent applications are using that feature these days.
>
>
> As far as I am concerned THERE ARE NO LEGITAMITE APPLICATIONS THAT
> USE THIS FEATURE!

Then you can't get out and about much.

There is a downside to this patch, it is likely to be more of an issue for
corporate users with "web based applications", but everyone needs to decide
for themselves which is the bigger problem.
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom