digip Posted February 23, 2007 Share Posted February 23, 2007 Anyone using Shockwave 10 for internet explorer should disable it. There is a problem in the lastest version (Shockwave 10.1.4.020 Released 9/28/2006) for Windows Internet Explorer. When exploited it will crash Internet Explorer, or if crafted well enough, do more than a DOS in the browser. A basic exploit for this can be found on the Milw0rm site: http://www.milw0rm.com/exploits/3042 so I am not going to post any exploits, but I am sure anyone wanting to test it will figure it out. I would disable this for everyday use and only turn the settings on when needed for specific sites you want to view that use Shockwave! ----------- (For those of you who are going to ask me how to disable this attack) To disable this, open internet explorer and goto: -Tools -Manage AddOns -Select "Addons that have been used", not the "currently loaded" in internet explorer. Then slide to the right and see if SwDir.dll is enabled. If so, click the item and then select Disable For those of you running anything before 6.0, the only way to block it is either uninstall Shockwave, or use an alternate browser like Opera or Firefox. EDIT: By the way, I am using Oepra, but there are times when Internet Explorer comes in handy. Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.