Disable ADODB.Stream Object in IE Immediately!

Published Fri, Jul 2 2004 15:54

Breaking News: Security Holes Leave Hard Drive Read/Write Functions Open

Adodb.stream provides a method for reading and writing files on a hard drive. This by-design functionality is sometimes used by web applications. However, when combined with known security vulnerabilities in Microsoft Internet Explorer, it could allow an internet web site to execute script from the Local Machine Zone (LMZ). This occurs because the ADODB.Stream object allows access to the hard drive when hosted within Internet Explorer.

More information and a download that should be applied on Windows NT/2000/2003 Server/XP machines is available here.