Geeks With Blogs

News Clicky Web Analytics

web stats View David Caddick (davidcaddick@gmail.com)'s profile on LinkedIn

Search this Site!

Locations of visitors to this page
View My Stats eXTReMe Tracker
This posting is provided "AS IS" with no warranties, and confers no rights. The opinions expressed within are my own and should not be attributed to any other Individual, Company or the one I work for. I just happen to be a classic techie who is passionate about getting things to work as they should do (and are sometimes advertised and marketed as being able to?) and when I can I drop notes here to help others falling in to the same traps that I have fallen in to. If this has helped then please pass it on - if you feel that I have commented in error or disagree then please feel free to discuss with me either publically or privately? Cheers, Dave
Thin Clients, VDI and Linux integration from the front lines.... Raw and sometimes unedited notes based on my experiences with VMware, Thin Clients, Linux etc.

I've noticed a new post from AppSense's Response Centre regarding the new Exploit for all versions of IE

There has been some discussion recently about another new vulnerability in Internet Explorer. All versions are at risk, including the latest beta of IE 7. Microsoft have suggest workarounds including setting the Internet and local security zone settings to high and disabling active scripting.

There are working versions of exploits already being used to compromise machines on the internet. Currently the most common involve the installation of a DLL based Browser Helper Object (BHO) which installs a series of other files and then harvests information and attempts to send it to a site in Russia.

Interestingly, the information this Trojan is harvesting is not the usual financial and personal information. Instead it is stealing email usernames, passwords and addresses as well as output from commands such as ipconfig and netview. In effect it is mapping out networks for further exploitations. Its rare to find this kind of threat specifically aimed as the business world, but this obviously is. It is collecting information on companies and their enterprises for some purpose.
More at:
AppSense's Response Centre

It's funny how this comes in as I've just been resolving an issue where a Customer was having issues with trying to get Citrix's Web Interface working correctly with Firefox 1.5. The main problem was that they were set to default to the Java Client and this was only getting 3/4's the way through the initiation of the Citrix ICA Connection and then bombing out and taking the Firefox session with it.

Makes me wonder? I left Netscape for IE back around '97 as I was finding it difficult to navigate MS's TechNet with the Netscape Browser. Now the Browser wars are effectively over? (Maybe? ;-)) and even MS is now starting to reconsider or even do something of a U-Turn on the ActiveX Controls, it might be time to give this another try? (I can tell you that just inder 25% of the traffic to this Blog is Firefox!) 

An upgrade of the Java Engine on the client PC to version 1.5 from Sun fixed that, but I was also curious as to why the Local Client wouldn't work when it clearly been installed after the Firefox. This came down to CTX105973 explaining which files needed to be manually copied across to the Plugins folder on the Mozilla Firefox install as per these details here: 

More Information

To manually register the plug-ins with the browser, follow these steps:

  1. Copy the following files from \Program Files\Citrix\ICAClient to \Program Files\Mozilla Firefox\Plugins (for example):
    icaclobj.class
    cgpcfg.dll
    cgpcore.dll
    icalogon.dll
    npican.dll
    pscript.dll
    sslsdk_b.dll
    tcppserv.dll
  1. Create a folder called Resources in the Mozilla Firefox\Plugins directory, then a subfolder called en (\Program Files\Mozilla Firefox\Plugins\Resource\en).
  2. Copy the following files from \Program Files\Citrix\ICAClient\Resource\en\ to \Program Files\Mozilla Firefox\Plugins\Resource\en:
    icalogUI.dll
    npicanUI.dll
    sslsdkui.dll
Posted on Monday, March 27, 2006 8:34 AM Citrix , IT Management , Real Cool Stuff , Microsoft Tips , Security | Back to top


Comments on this post: New Exploits for ALL versions of IE - is Firefox the answer?

No comments posted yet.
Your comment:
 (will show your gravatar)


Copyright © Dave Caddick | Powered by: GeeksWithBlogs.net