ZonedOut has Favorite Helper!

I was looking for a utility that will allow me to send a URL to “Trusted” or “Restricted” zones in Internet Explorer. At times, I’m viewing a site that I want to add in “Restricted” zone or a site that I want to add in “Trusted” zone (if required to be in trusted zone of IE).

I can’t find such utility so I send an email to friend Todd (aka Toadbee at and requested to him to create a utility or add such option to ZonedOut.  As usual, Todd is quite helpful and a great programmer! He said “yes, that’s possible to add to ZonedOut!”

And so he released ZonedOut v3.5.  It is Vista-compatible and he added “Favorites Helper” in this new version of ZonedOut

How to use Favorites Helper feature in ZonedOut? Simple.  Add any website in the favorites of IE.  Use ZoneOut to open any Internet Zones (Trusted or Restricted) then click “Menu”.  Select “Favorites Helper”.  Click Remove or Add a Favorite and you should see your IE’s favorite.  Choose which website you want to be added in Restricted or Trusted.  That’s easy and neat feature in ZonedOut to send a bad site to Restricted Zone!

BTW, ZonedOut was mentioned in PCWorld!,129785-page,2-c,spyware/article.html Steve Bass wrote: . If you are feeling especially geeky, use ZonedOut to add IE-SPYAD‘s list of dangerous and annoying sites to IE’s Restricted Sites.

Thank you Todd for making ZonedOut as Vista-compatible and for allowing my “wish” come true again! You’re a top-noch!


MVP Profile URL Alias

My MVP Profile URL is:

There’s URL Alias now — >

That’s cool because it’s shorter and easier to remember [H] [:D]

Some MVP might use their first name only or surname only as MVP Profile URL alias.  Some might stay in using the longish one. 

Thanks to MVP Program Team for this new and cool Profile URL Alias of active Microsoft MVPs!

MSRC: Update on Microsoft Security Advisory 935423

Microsoft Security Response Center blogs some answers on the following questions regarding the above-mentioned Security Advisory:

When we learned about the vulnerability
When we learned about the attack
What we’re doing to help protect customers
When we expect to release an update
Our recommendation around 3rd party workarounds or updates


Chinese servers host malicious cursor attacks

A criminal group responsible for using compromised Web sites to spread malicious software have already started using the latest Microsoft flaw to install their code from at least three servers in China, security experts said on Friday.

The sites are using a flaw in the way Microsoft Windows handles animated-cursor files, which the software giant acknowledged on Thursday in a security advisory. While Microsoft has stated that the attacks using the animated-cursor vulnerability in Windows appear “to be targeted and not widespread,” as many as 25,000 compromised Web pages currently use JavaScript to send visitors to the malicious Chinese sites, said Andreas Marx, CEO of antivirus software testing firm

Attacks on Windows flaw rise

Hackers stepped up attacks Friday on computers running some versions of Windows, a day after Microsoft disclosed a hole related to the mouse cursor. Microsoft Corp. sent out a security advisory Thursday warning customers that a vulnerability in “.ani” files — used to change the cursor into an hourglass while a program works, or into a dancing animal or other animation on specially designed Web sites — was allowing hackers to break into computers and install malicious software.

“Overnight we did see the attacks change from limited and targeted attacks to slightly more, but do still categorize it as a limited attack,” said Mark Miller, director of the software maker’s security response group.


Bluetooth Dongle as sniffer

A post in Bugtraq with link to the :

During the last year, rumours had come to my attention that apparently it is possible to transform a standard 30USD Bluetooth(r) dongle into a full-blown Bluetooth(r) sniffer. Thinking you absolutely need Hardware to be able to hop 79 channels 1600 times a second I was rather suspicious about these claims.

This paper is the result of my research in this area, answering the question whether it is possible or not..

Get it at

America Online SuperBuddy ActiveX Control Code Execution

— Affected Vendor: America Online

— Affected Products: America Online 9.0 Security Edition

— TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this vulnerability since November 6, 2006 by Digital Vaccine protection filter ID 4553. For further product information on the TippingPoint IPS:

— Vulnerability Details:
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of America Online with Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.

The specific flaw exists in the LinkSBIcons() method exposed through the ActiveX control ‘Sb.SuperBuddy.1’ with the following CLSID:


The affected control implements the IObjectSafety interface and therefore allows a web site to invoke the control under default Internet Explorer settings without any further user interaction. The vulnerable method is defined as:

int LinkSBIcons(IUnknown *interface)

As the method accepts an unchecked user-controlled value specifying a pointer to an object, a subsequent function dereference is completely under attacker control. This can easily lead to arbitrary code execution under the context of the logged in user.

It is important to note that many PCs ship with this vulnerable component by default, including Dell and Hewlett-Packard among others.
Since AOL is addressing this issue as an update through their internet service, many users are left without any recourse for mitigation.
Concerned users can specify a “kill bit” for the affected control to prevent it from loading within Internet Explorer. To do so, create the following registry key:

HKEY_LOCAL_MACHINE SOFTWARE Microsoft Internet Explorer ActiveX Compatibility {189504B8-50D1-4AA8-B4D6-95C8F58A6414}

With the value ‘Compatibility Flags’ set to 0x400.

— Vendor Response:
America Online has issued an update to correct this vulnerability as of 3/29/2007. The update is automatically applied the next time users log into the AOL service.

— Disclosure Timeline:
2006.07.18 – Vulnerability reported to vendor
2006.11.06 – Digital Vaccine released to TippingPoint customers
2007.03.30 – Coordinated public release of advisory


Saudi Arabia toughens stance on cybercrime

Saudi Arabia is finally implementing new laws designed to combat cybercrime, which were originally proposed last year by the nation’s advisory council, the Shura. A statement released by the cabinet this week has claimed that the new law, which will cover cybercrime offences such as hacking, will be enacted as soon as King Abdullah ratifies it. The country already has strong controls in place regarding access to certain types of online content, including pornography, which is outlawed under Islamic rules.

According to the new law those found guilty of committing a cybercrime could find themselves 500,000 riyals (over $130,000) out of pocket or even face a 1-year jail sentence. The legislation covers such offences as Internet hacking, as well as using mobile phones to take unauthorized pictures.