Loose rivets

This has done the rounds on some Uni tech departments. I'm not sure if it affects the general public.


Re: Vulnerability in Windows Operating System (RISK: High)



Greetings,

Microsoft has announced that it has discovered a serious vulnerability in the Microsoft Windows Operating System that could allow an attacker to gain the same user privileges as the logged on user. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker could also embed an exploit in a document that supports embedded shortcuts or hosted browser controls, such as, Microsoft Office documents, e-mail attachments, or web sites

A list of systems affected:

· Windows XP

· Windows Vista

· Windows 7

· Windows Server 2003

· Windows Server 2008

There is currently no patch available from Microsoft for this vulnerability; however, UTXX Computer Support Services will be releasing a temporary fix that will be pushed to all managed UTXX campus machines that will disable the displaying of icons for shortcuts. This is a temporary solution until Microsoft releases a patch for the vulnerability. The update will be released tonight to managed campus machines. Please note that your shortcut icons may not display properly.

BOAC

In fact Ms released a stopgap patch on Tuesday Microsoft issues stopgap fix for critical Windows flaw ? The Register but it is reckoned they will be hard-pressed to get the update out by 'Patch Tuesday'

Guest 112233

This is a bad one, It leaverages those files that constitute the short cut icons on the desk top. Yep we've all got them - apparently the bad guys have been attempting to utilise this weakness in the win code to gain control of PC's.

So much for Mr Ballmer's claims about the security intregity improvements incorporated in the Windows operating system.

I think is better to llog in as a limited user untill a fix is available.

CAT III

BOAC

err... fix IS available?

Guest 112233

Yes I totally Agree. Use another Operating System. The fix looks a bit complex for a ordinary user. Get it wrong and ........... . Let's see if an out of sequence auto fix comes from Microsoft before the next Patch Tues.

Update from article in the link above - The new fis ia an auomatic one, but the functionality of the icons is partly lost. - I stand corrected.

Complex issues arrise for people who really do need to see differentiated icons - visually impared users for example.

CAT III

(Linux user)

green granite

If your using W7 you don't really need icons on the desktop, my most used ones are in the taskbar. I dont have any programs on the desktop at all.

mixture

Suggest people also take a look at the official Microsoft line on the matter, here :

Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution


Specifically the "mitigating factors" section.

I suspect this will be yet another wake-up call for all those lazy users who insist on running with Administrator rights whilst browsing the web, plugging in USB keys etc.

BOAC

gg - I get the impression it doesn't matter WHERE the 'icons' are - desktop, system tray, sandwich box etc etc from my link
"Specifically, the change will cause folder and file icons on the task bar and start menu to be stripped of their graphical representations, making them appear as generic, white boxes. The Fix It will also require machines to be rebooted."

Loose rivets

That's got my attention. Got one white box instead of the FF button on my Taskbar. W7

This followed the thread I started a couple of days ago about a ribbon dedicated to the rotating dots and a message telling me that it was loading something.

Maybe unrelated, but...

http://www.pprune.org/computer-inter...uninvited.html

onetrack

What's wrong with using a good malware program to prevent this, or at least notify you that someone/something is trying to access your files? I use Online Armor, it seems to be pretty good at keeping the nasties at bay.
Anytime anything executable is attempted, it blocks it, and you get a full warning about what is happening, and whether you want to allow it to proceed.

BOAC

With acknowledgements to 'The Register', 26/7/2010

Virus writers have begun using the unpatched shortcut flaw in Windows first exploited by the Stuxnet worm, which targets power plant control systems, to create malware that infects the general population of vulnerable Windows machines. Slovakian security firm Eset reports the appearance of two malware strains that exploit security vulnerabilities in the way Windows handles .lnk (shortcut) files, first used by Stuxnet to swipe information from Windows-based SCADA systems from Siemens.

The Chymine-A Trojan uses the same security hole to install a keystroke logger while the Autorun-VB-RP worm has been updated to use the shortcut vulnerability as an infection method. The original hackers developed a technique to embed malicious code in shortcut files in such a way that this code is run when an icon is viewed, an approach now followed by less skilled VXers.

BOAC

Emergency Patch Bulletin expected 1000 California time today

BOAC

The new ruse features a fake Firefox "Just Updated" page of the type that is displayed just after users update their browser software, a regular occurrence of late. The page claims that users need to get a Flash update, and produces a download dialogue box with a scareware payload. The attack kicks in once surfers visit a maliciously constructed website and is not associated with genuine Firefox updates from Mozilla, which simply serve as a theme for the attack.

FullOppositeRudder

A new single Microsoft security update with the now quite familiar description was available when my computers were woken this morning. The link in the update box confirms this is indeed a critical update, and that it addresses the issues raised in this thread.

FOR

BOAC

New patch expected shortly from Adobe for 'Reader' for new 'vulnerability and there is apparently a way into jailbreaking the IPhone through the flaw.

BOAC

Adobe patch due week commencing 16 August and stand by for an 'enjoyable' few hours trying to install a 'record' raft of 14 M$ patches, 8 'critical', next Tuesday patching ! 34 ! vulnerabilities.

I wonder how many of those will trip up at install?

green granite

don't have it on my PC luckily, so no problems.

BOAC

From the Register today

Unpatched kernel-level vuln affects all Windows versions

Researchers have identified a kernel-level vulnerability in Windows that allows attackers to gain escalated privileges and may also allow them to remotely execute malicious code. All versions of the Microsoft OS are affected, including the heavily fortified Windows 7.
The buffer overflow, which was originally reported here, can be exploited to escalate privileges or crash vulnerable machines, IT research company Vupen said. The flaw may also allow attackers to execute arbitrary code with kernel privileges.


The bug resides in the “CreateDIBPalette()” function of a device driver known as “Win32k.sys.” It is exploited by pasting a large number of color values into an improperly allocated buffer, potentially allowing attackers to sneak in malicious payloads, vulnerability tracking service Secunia warned.

It affects fully patched installations of every supported Windows platform, from Windows XP SP 3 to Windows Vista, 7, and Server 2008. The latter three versions contain several defenses designed to lessen the effect of security vulnerabilities. It wouldn't be surprising if code execution attacks were possible only on earlier versions that don't have the defenses, which include DEP, or data execution prevention, and ASLR, short for address space layout randomization.
There are no reports of the vulnerability being exploited in the wild. Microsoft said it is investigating the reports but didn't have additional information. Microsoft is scheduled to issue a record 14 security bulletins during next week's Patch Tuesday.

FullOppositeRudder

Fourteen you say .........

I can hardly contain my sense of eager anticipation

(sigh)

FoR

BOAC

- I hope you did 'cos 15 turned up

M$ obviously DETERMINED to set a record for M$ updates that cannot be beaten................................err..........I'll just read that again