PDA

View Full Version : *** warning for any Microsoft user ***



3dWannabe
07-24-2010, 06:34 PM
I falsely mentioned yesterday that a properly setup IE browser could be fairly safe if you disabled javascript and about everything else (although I'd recommend instead using Firefox in all cases).

I was wrong.

There's a VERY nasty zero day exploit out.

Read about it here about 1/4 way thru:

http://www.grc.com/sn/sn-258.htm

In a nutshell, simply visiting the wrong web page (that will have a favicon, as most do) can infect you. And there's very little you can do about it.

It's not known (or at least I dont' know) if Firefox is safe.

This also affects USB drives, MS Office apps, just about everything.

This hot fix from MS ?may? help to mitigate it, but very likely it won't.

http://support.microsoft.com/kb/2286198

Trust me. This is a VERY nasty bug, and affects ALL versions of MS operating systems. I expect MS will have an out of sequence update for this soon, unless it is too hard to fix without breaking other things (as their hotfix does).

BTW - be aware the Outlook and Outlook express use IE, as do many other software tools. It's hard to get away from it.

3dWannabe
07-27-2010, 05:24 PM
Here's a partial fix from Sophos (very hard to live without shortcuts after the Microsoft 'hotfix. This fixes that problem, but run the MS hotfix removal program first if you installed the MS hotfix.)

http://www.sophos.com/products/free-tools/sophos-windows-shortcut-exploit-protection-tool.html

3dWannabe
07-30-2010, 12:06 PM
FYI - Microsoft is having a rare special security update on Aug 2nd that I hope will address this. They only do these out-of-band updates for really, really critical issues.

http://www.microsoft.com/technet/security/bulletin/ms10-aug.mspx

3dWannabe
07-31-2010, 07:46 AM
Yes, the special out-of-band bug fix MS is releasing on Monday is for this bug, which as I expected is proving very nasty and exploitable.

http://news.cnet.com/8301-27080_3-20012270-245.html

If you haven't already, apply the sophos patch:

http://www.sophos.com/products/free-tools/sophos-windows-shortcut-exploit-protection-tool.html

which you can remove after the MS bug fix (assuming MS get the bug fix right the 1st time).