The DSO Exploit is a security vulnerability in Internet Explorer that can allow untrusted software to be executed. In some cases a machine using an old version of internet explorer were compromised just by visiting a webpage that used scripts to exploit this security hole. One of the bigger proliferators of this problem was the CoolWebSearch group.

The good news is that Microsoft has found this problem and fixed it. If you run regular updates the problem will already be patched. If you do not run regular updates you should run one today because your machine may still be vulnerable to this problem.

Recently confusion has come from the fact that at least one popular spyware detection program reports the problem, but doesn’t provide a remedy and therefore continually reports the problem. Even though it might not be a problem any more.

The vulnerability in Internet Explorer has been corrected. If you have patched IE and are staying up to date with current patches from Microsoft, you’re safe, even if a DSO exploit is reported by an anti spyware application.

The bottom line: If you’re fully up-to-date on Internet Explorer patches, you can safely ignore reports of a DSO Exploit. There are rumors that the one anti-spyware app that has been flagging the DSO exploit plans to fix the reporting problem.

This entry was posted on Monday, November 8th, 2004 at 4:15 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.