Howto: Disable the clicking sound in Internet Explorer and Windows Explorer


The clicking sound that Windows plays when you click on a link in Internet Explorer or open a folder in Windows Explorer can get annoying. 

Here’s how to disable the sound in Windows XP:

  1. Click Start > Control Panel > Sounds and Audio Devices
  2. Click the Sounds tab
  3. Scroll down the list under Program Events. Under the Windows Explorer section, highlight Start Navigation.
  4. Under the Sounds box, select (None) > OK, close Control Panel

Here’s how to disable the sound in Windows Vista:

  1. Click Start > Control Panel > Sound
  2. Click the Sounds tab
  3. Scroll down the list under Program. Under the Windows Explorer section, highlight Start Navigation.
  4. Under the Sounds box, select (None) > OK, close Control Panel

You should no longer hear the clicking noise when you select links in Internet Explorer or open directories in Windows Explorer.

Howto disable the Internet Explorer popup: This page contains both secure and non-secure items. Do you want to display the nonsecure items?


The  Internet Explorer nag  This page contains both secure and non-secure items. Do you want to display the nonsecure items is sooo annoying.

To disable this popup in IE6:

Tools > Internet Options > Security 

Highlight the Internet zone
 
Select the Custom Level button
 
Under the Miscellaneous section, change Display Mixed Content from Prompt to Enable > OK > Yes > OK
 
To disable this popup in IE7:
 
Tools > Internet Options > Security > Custom Level
 
Under the Miscellaneous section, change Display Mixed Content from Prompt to Enable > OK > Yes > OK
 
The setting change should take effect without restarting the browser.  You will need to change the setting under the Trusted Sites zone as well.

New Internet Explorer 7 0-day exploit


SANS has reported a Microsoft IE7 0-day expoit that is now in the wild. This vulnerability is not adderssed by the forthcoming December 2008 patch Tuesday releases, or by the MS08-073 patch that was released on 12-09-2008.

Analysis shows the current exploit checks for the following conditions:

The user has to be running Internet Explorer
The version of Internet Explorer has to be 7
The operating system has to be Windows XP or Windows 2003

SANS has not yet confirmed if other versions are affected (Internet Explorer 6 or Internet Explorer 7 on Microsoft Windows Vista).

ThreatExpert has a very nice overview of the modifications the exploit makes to compromised computers.

Additional Resources:

ZDNet Security Blog
Secunia Advisory

Howto: Import Organizational Root CA certificates into Internet Explorer to get rid of Security Alert pop-ups


Yesterday I wrote about how to create eDirectory SSL certificates with alternate names to use across round robin DNS load balanced web servers.  Today I’ll discuss how to import the Organizational Root CA certificates into Internet Explorer to get rid of the Security Alert pop-ups.

To begin with, only a few Trusted Root Certification Authority certificates are included in Internet Explorer or any other web browser.  It wouldn’t be practical to include every CA, so the browser authors select a few of the most widely used CAs to include with their software. Unless you work for Verisign or another large CA, your organizations’s Root CA certificate is probably not going to be on this list, so we’ll have to import the certificate on each web browser that will need a secure SSL connection to the web server.

The following instructions were validated with Internet Explorer 6.  IE7 and other browsers may require different steps, but the concepts are the same.

To import the Organizational Root CA certificate from a web server

1) Browse to the https enabled web server
2) At the Security Alert popup, press View Certificate
3) Select the Certification Path tab
4) Highlight Organizational CA
5) Select View Certificate
6) Select Install Certificate – Next
7) Select Place all Certificates in the Following Store – Browse
8 ) Select Show Physical Stores
9) Expand Trusted Root Certification Authorities
10) Highlight Local Computer – OK – Next – Finish
11) Press OK when you are notified the import is successful
12) OK – OK – No
13) Close and reopen Internet Explorer. Verify the Security Certificate is from a trusted certifying authority. This means the CA is now trusted.

To import the Organizational Root CA certificate from a file

1) Obtain the certificate file from your administrator and save it locally
2) Right click the certificate and select Install Certificate – Next
3) Choose Place all certificates in the following store – Browse
4) Highlight Show Physical Stores
5) Expand Trusted Root Certification Authorities
6) Highlight Local Computer – OK – Next – Finish
7) Press OK when you are notified the import is successful
8 ) Open Internet Explorer. You should not receive the security alert when accessing the https enabled web server. This means the CA is now trusted.

Slipstreamed Windows XP SP3 Remote Web Workplace Active X problems


Yesterday I wrote about problemswith license keys on Windows XP SP3 installations performed on media slipstreamed on Windows Vista machines.  Today I found Susan’s postthat describes how to fix RWW issues associated with an XP SP3 slipstreamed install – Specifically, not having the ability to enable in Internet Explorer the Terminal Server Redistributable Active X control that RWW needs in order to work.

The solution appears to be resetting IE once the XP SP3 slipstreamed installation is performed.  To reset IE:

Select Tools – Internet Options – Advanced.  Click the Reset button, and restart Internet Explorer.

Recommendations for securing Internet Explorer, Firefox and Safari web browsers


Cert has a document that show some specific steps you can take to secure your Internet web browser.  Detailed instructions, including screen shots are provided, along with explanations of what you are configuring and what the potential ramifications are.

The document focuses on IE, Firefox, and Safari and includes supplemental reference links to additional content.  They also include links to configuring similar options for Opera, Mozilla SeaMonkey, Konqueror, and Netscape.

Found via ts/sci security blog.

Cannot Uninstall IE7 from Windows Server 2003


When trying to uninstall Internet Explorer 7 on a Windows Server 2003 SP2 machine, the Remove button may not be visible in Add/Remove programs. Sometimes the button is visible, but clicking it displays the following:

“An error occurred while trying to remove Windows Internet Explorer 7. It may have already been uninstalled.
Would you like to remove Windows Internet Explorer 7 from the Add or Remove programs list?”

KB 948093 explains “This behavior occurs if Internet Explorer 7 was installed on Windows Server 2003 Service Pack 1. Service pack 2 was installed later than that.”

Microsoft’s resolution is to

  1. Uninstall SP2 and reboot
  2. Uninstall IE7 and reboot
  3. Reinstall SP2 and reboot

Personally, if I was Microsoft I would have included step 4, go directly to Microsoft Update and apply all applicable patches and updates, then reboot again.