This is a program, which patches the FRAME/IFRAME vulnerability
described on the mailing list SecurityFocus
<http://www.securityfocus.com/archive/1/380175>
(http://www.securityfocus.com/archive/1/380175) on Windows 2000 and XP.
This vulnerability has been public for a rather short time and is
already being used by MyDoom.AI and MyDoom.AH to spread themselves.
This patch does just-in-time patching. It does not change any system
files, but rather installs a program that changes the loaded system
files' code before a HTML page is loaded. Because of this, the patch is
easily uninstallable.
http://www.cherryware.de/framefix/
This is a program, which patches the FRAME/IFRAME vulnerability
described on the mailing list SecurityFocus
<http://www.securityfocus.com/archive/1/380175>
(http://www.securityfocus.com/archive/1/380175) on Windows 2000 and XP.
This vulnerability has been public for a rather short time and is
already being used by MyDoom.AI and MyDoom.AH to spread themselves.
This patch does just-in-time patching. It does not change any system
files, but rather installs a program that changes the loaded system
files' code before a HTML page is loaded. Because of this, the patch is
easily uninstallable.
Any comments appreciated,
Thomas Rogg
[ reply ]