Everything posted by charles77
Hi Rsullinger, please find below the links to requested files https://secure.internetdownloadmanager.com/tmp/Malwarebytes3/MBAMSERVICE.LOG https://secure.internetdownloadmanager.com/tmp/Malwarebytes3/mbae-default.log The files were uploaded by our user who complained first about this problem Thank you Regards, Charles
Hi Rsullinger, we will send log files once we receive them from our user who complained first. Pbust, please don't write general, obvious, and well known things about VBscript. Most people who read this post know that there are several security problems. Please re-read the initial post. How the execution of VBScript can be exploited in this particular case? VBscript below is stored on hdd, and you need administrative rights to change it. <script language="VBScript"> set IDMLinksProcessor=CreateObject("IDMGetAll.IDMAllLinksProcessor") if err<>0 then MsgBox("IDM is not installed properly!"+ vbCrLf+"Please Install IDM again") else IDMLinksProcessor.Execute external.menuArguments end if </script> Note that you block our right click menu item in IE browser Thank you Regards, Charles
Hi When Internet Download Manager (IDM) from http://www.internetdownloadmanager.com is installed, and when trying to use "Download with IDM" right click menu item in Internet Explorer 11, your new feature (Application Hardening) blocks VB script in a static html page stored on local drive. Specifically it blocks C:\Program Files (x86)\Internet Download Manager\IEExt.htm and C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm files, and it names this action as blocking an exploit May you please clarify when it became an exploit, and how it can be exploited? How a malefactor can use this exploit on a customer computer? These script files are a part of IDM distribution, and they call ActiveX components, which were installed by IDM installer during IDM installation. It’s not possible for a malefactor to change these VBscript files or ActiveX components without administrative rights. If he has such rights, he will not need to modify or use these scripts and files. Regards, Charles Jones Tonec Inc.