Sponsored Links

Acer Security Issue

Oh - another "ActiveX" problem - what a surprise. ;)

I hate ActiveX, have killed it completely and just don't bother with sites that depend on it - about the only thing it was ever any good for to me was Windows Updates, and as I'm running ME not XP it's not exactly a lot of use for those nowadays! :laugh:
 
Of course you could use Opera which doesn't use Active X.

What is the credibility of either of the websites referred to by Bob2002?

I grant that I found Lunchapp.ocx on a family Travelmate 4150 series.

None of the HKCR keys mentioned was found.
 
Last edited:
Sponsored Links
I'm running 98SE (yep I know it is cr:crap: p) I've got IE configured to allow maybe 20 activex components, which avoid a lot of activex security issues, but without disabling flash and the XML components required by gmail etc, which reminds me I suppose I should block the 4 classids used by Windows Update now.
 
"you could use Opera"

I do sometimes. :)
Firefox is my favourite, but Opera gets a fair bit of use too, and Netscape at times. IE only gets fired up when I want to check a web page of mine to see how others might see it. Oh - and Konqueror along with Firefox and Opera on the Linux partition - didn't bother with Netscape on that. I did vaguely hear of some version of IE that runs under Linux, but I wasn't sufficiently interested to investigate further! :laugh:
 
Of course you could use Opera which doesn't use Active X.

What is the credibility of either of the websites referred to by Bob2002?

I grant that I found Lunchapp.ocx on a family Travelmate 4150 series.

None of the HKCR keys mentioned was found.

Slashdot is a credible news source. You are free to test the vulnerability under IE6/7 with the test code on the author's page - http://vuln.sg/acerlunchapp-en.html . It seems fairly clear from the control interface that this is a potentially dangerous component. :hrmph:
 
Just seems odd that although this was posted on 19/11/06, no-one else seems to have picked it up and run with it. A Google of "lunchapp.ocx acer" reveals little apart from various forum entries (mainly in Portugese or Spanish) which do nothing more than quote the vuln.sg findings.

And, no thank you, I won't run the test code on the author's page since I'd never heard of him before today. And I don't use IE. Nor does the domestic laptop user.

I recall all too well a spate of spams some time ago advising removal of a crucial Windows .dll file. (No, I didn't.)
 
Sponsored Links
Top
Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Vodafone UK ISP Logo
Vodafone £24.00 - 26.00
150Mbps
Gift: None
NOW UK ISP Logo
NOW £24.00
100Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £25.99
145Mbps
Gift: £50 Reward Card
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £17.00
200Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Youfibre UK ISP Logo
Youfibre £23.99
150Mbps
Gift: None
Large Availability | View All
Sponsored Links
The Top 15 Category Tags
  1. FTTP (6024)
  2. BT (3639)
  3. Politics (2720)
  4. Business (2439)
  5. Openreach (2405)
  6. Building Digital UK (2330)
  7. Mobile Broadband (2144)
  8. FTTC (2083)
  9. Statistics (1899)
  10. 4G (1814)
  11. Virgin Media (1763)
  12. Ofcom Regulation (1582)
  13. Fibre Optic (1467)
  14. Wireless Internet (1462)
  15. 5G (1405)
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms  ,  Privacy and Cookie Policy  ,  Links  ,  Website Rules