Jump to content

Disable Shockwave (SwDir.dll) for Internet Explorer 6 and up


Recommended Posts

Posted

Anyone using Shockwave 10 for internet explorer should disable it. There is a problem in the lastest version (Shockwave 10.1.4.020 Released 9/28/2006) for Windows Internet Explorer. When exploited it will crash Internet Explorer, or if crafted well enough, do more than a DOS in the browser.

A basic exploit for this can be found on the Milw0rm site: http://www.milw0rm.com/exploits/3042 so I am not going to post any exploits, but I am sure anyone wanting to test it will figure it out.

I would disable this for everyday use and only turn the settings on when needed for specific sites you want to view that use Shockwave!

-----------

(For those of you who are going to ask me how to disable this attack)

To disable this, open internet explorer and goto:

-Tools

-Manage AddOns

-Select "Addons that have been used", not the "currently loaded" in internet explorer.

Then slide to the right and see if SwDir.dll is enabled. If so, click the item and then select Disable

For those of you running anything before 6.0, the only way to block it is either uninstall Shockwave, or use an alternate browser like Opera or Firefox.

EDIT: By the way, I am using Oepra, but there are times when Internet Explorer comes in handy.

Posted
Yet another reason why I'm so happy to be an Opera and FF user. :)

There are plenty of FF and Opera sploits out there as well. I was just warning people for something most of us use or have installed and take for granted. There are even sploits for Flash out there, so any of you YouTubers and Video enthusiasts would be wise to apply this method to Flash or other plugins as well.

A lot of the time Flash related problems are cross platform, and for some OS's they are not as up to date on the releases as they are for Internet Explorer and Windows.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...