|Subject:||WinXPSP2 IE 7 Security Zones - security concern|
|Posted by:||v2win (v2w…@discussions.microsoft.com)|
|Date:||Wed, 28 Nov 2007|
I recently noticed that in my Trusted Sites zone, there is an entry,
"HTTP://", with no further domain identifier. I did not make this entry and
when I attempt to remove it, I get a system error beep and the entry is then
I checked a number of other WinXPSP2 machines in my network, all subject to
the same GPOs, and none of them have this entry. (NOTE:The subject machine is
a dual-boot with Vista Ultimate; the problem is absent from that instance of
IE 7 and from another instance of XPSP2 I have running under VPC 2004 SP1,
all on the same machine).
As a test, I uninstalled IE 7. When the machine was rolled back to IE 6,
the entry was still there but I could delete it - or so it appeared. Upon
reopening IE after the apparent delete, the HTTP:// entry had reappeared.
Is this some kind of security attack? (possibly trying to wildcard all
websites as though they were trusted?).
Because the roll back to IE 6 did not solve the problem, I reinstalled IE 7
and the entry persists, with the same behaviour as before.
I ran a full system AV scan with up-to-the-minute AVG and no threats were
Nevertheless, how can I remedy this problem?