December 13, 2004
How to circumvent the XP SP2 popup blocker

It looks like someone has found a way to sneak past the new popup blocker mechanism of Windows XP SP2. The trick can be seen in action on http://www.malware.com/flopup.html.

Note: I removed the direct link to this page as some visitors say that the script tries to install a troian on you machine - so only visit this page if you are 100% sure that your system has all the latest security patches installed

[via heise newsticker]

Posted at December 13, 2004 03:56 PM | Further reading
Comments

I keep looking where is the pop-up for many many minutes and I realize that you mean IE!

Posted by: Brajeshwar on December 13, 2004 04:26 PM

Of yes - looks like I forgot to mention that this is only about Internet Explorer. Another good reason to use Firefox.

Posted by: Mario Klingemann on December 13, 2004 04:32 PM

The question is "why" would you want to circumvent the blocker? The best way is put IE in the trash and use Firefox or Mozilla.

Posted by: steve w on December 13, 2004 05:31 PM

Steve W: I don't think end users would ever want to circumvent the blocker, but people who are running sites that load popups would want to know how.

I think this is perfect for promoting Firefox. I have been promoting Firefox and people tell me that SP2 makes IE block popups, so thats not an advantage of Firefox, well now all those people are wrong again.

Posted by: ErikG on December 13, 2004 05:42 PM

Does this mean any Flash SP2 pop-up issues are resolved!? *holds breath*

Posted by: Richard Leggett on December 13, 2004 07:02 PM

Erik: Thanks for clarifying the concept. When the spammers and advertisers start using this what good will it be (the popup block) anyhow? No matter what prevention is built someone will figure it out. Seems temporary at best.

Posted by: steve w on December 13, 2004 07:34 PM

Firefox is terrible on sites that are IE only. I wish they would put in an IE mode. I despise the Firefox team for this. Lack of forsight I guess.

Posted by: Dave on December 13, 2004 11:15 PM

I opened the link in IE (had to dig for it in the Start menu first) and when the page opened Windows started trying to install an Outlook feature!!

I had to click cancel about 10 times to persuade it to give up, then I got to see the lovely flying popup

IE gives me the f*cking creeps!
dAN

p.s. Dave - very funny :)

Posted by: dAN on December 14, 2004 05:40 PM

It also gets past Google's Pop-Up Blocker in their toolbar!

Posted by: lgf516 on December 15, 2004 01:09 PM

Firefox is terrible on sites that are IE only. I wish they would put in an IE mode. I despise the Firefox team for this. Lack of forsight I guess.
Posted by: Dave on December 13, 2004 11:15 PM

Dave;

There was an extension for Firefox that 'spoofed' the IE mode. Don't know if it is still there- worth checking if you are this annoyed. P.

Posted by: Pogo on December 27, 2004 08:22 PM

speaking of firefox. when i downloaded some updates, something went wrong with the browser & a yellow parse error page appears. I just downloaded the new version instead.

Posted by: Katz on January 3, 2005 08:23 AM

Firefox is not your regular browser. It's also very useful for web developers. To Dave, I hope you won't take this personally but I really don't think you should despise the firefox team for the existence of IE-only sites. There are some sites that are extremely pro-Microsoft & IE that they refuse to adjust to the changes. This is the extension: http://extensionroom.mozdev.org/more-info/ieview

Posted by: katz on January 3, 2005 08:34 AM

Ok, we all agree i.e got serious security issues even with sp2. Here is and interesting post saying that i.e can be breached into link deleted and get someone to modify you folder structure. Pretty nasty.

But if 95% of the web surfers were using firefox, this one would be the main target of attacks. So, security isn't only what it is about.

To me, the role of the software designer and developper should be to make life of the general public easier. But having a web browser intricated with an OS files explorer is deliberatly to put people's system at risk.
And to make such products upon profit descisions is irresponsible, intolerable and in our case, makes the role of web designer even tricker.


But we all know that, I just felt the urge to say it again...

Posted by: Oli on January 10, 2005 12:24 PM

okay, i have to say it is a clever workaround. Except the pop-up isn't actually a pop-up. It is the webpage dialog object which is similar to the dialog opened by the javasctipt:

alert('hello world');

You just do not want to block it.

Posted by: olibaron on January 19, 2005 10:22 PM

WTF THIS IS A TROJAN

I opened it and it tried to install something on my machine. Thank goodness for Virus protection.

DO NOT OPEN THIS LINK
ADMIN PLEASE TAKE LINK OFF!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Posted by: Alas on February 23, 2005 07:55 PM

Interestingly, I have noticed more and more websites launching pop-up windows despite the fact that I run Firefox. It would appear that several out there have found ways around the Firefox pop-up blocking as well.

As a web developer and a systems administrator, I am absolutely sure that this is not a result of malware. I have also checked all security settings in Firefox.

There are some sites launching pop-ups as dynamically located Flash controls embedded directly in a webpage (never launching any of the tell-tale Javascript). In addition, I have had a few sites actually manage to open a new Firefox window to display an advertisement.

It would appear that Firefox (running 1.0.1) is certaintly not immune to this activity.

Posted by: Chris on March 6, 2005 12:35 AM

Seems this "solution" doesn't work for Firefox!

I receive almost exactly the same "warning message" as IE (before I encoded this piece of code for IE).
Does anyone founded a "solution" for Firefox's popup blocker?

Thanks, have a nice day…


- Dimitri

Posted by: dimitri_c on April 8, 2005 03:36 PM

Ok guys,


Instead of bitching about IE, can we please figure out EXACTLY how this code is done ???

A lot of web developers need to work around the SP2 blocks and I am one of them.

Can somebody help and analyze this in depth ?

Thank you.

Francois / Toronto

Posted by: Francois G on July 1, 2005 11:06 PM
Post a comment
Name:


Email Address:


URL:


Comments:


Remember info?



Thank you!

Most Visited Entries
Sketches, Works & Source Code
Lectures
Contact
Backlog
In Love with
Powered by
Movable Type 2.661

© Copyright Mario Klingemann

Syndicate this site:
RSS 1.0 - RSS 2.0

Quasimondo @ flickr
Quasimondo @ LinkedIn
Quasimondo @ Twitter
Quasimondo @ Facebook
Quasimondo @ MySpace
Quasimondo is a Bright
Citizen of the TRansnational Republic
My other blog in german
Impressum


My family name is written Klingemann,
not Klingelmann, Klingeman, Klingaman, Kingemann,
Kindermann, Killingaman, Klingman, Klingmann, Klingonman
Klingemman, Cleangerman, Klingerman or Kleangerman

profile for Quasimondo at Stack Overflow, Q&A for professional and enthusiast programmers