Computer Tips -Tech Info

An exploit for last weeks zero-day (0-day) javascript vulnerability in Microsoft’s Internet Explorer is in the wild. I saw this post from Sunbelt a couple nights ago go up and disappear, at the time I didn’t have long enough to read it… It’s back today and there are instructions for mitigating the risk. However, there is still no patch from Microsoft and no word on when to expect one. According to the Sunbelt post the exploit in the wild is being used for browser hijacking/spyware install stuff.

The Incidents.org handlers diary chimes in too musing on whether we’ll have an out of cycle patch, or if MS will wait until December 13th. MS has updated their security advisory, so Incidents is betting on an early/out of cycle fix. Hope that’s the case.

PC Pro also has an article on this today.

–update– 12/1/05–

The securityfix has it this morning along with connecting the dots to yesterday’s beta release of Microsoft’s antivirus software and promotion of the Windows Live Safety Center. The last time MS did antivirus, one of the big complaints was essentially lagging/sluggish response in the realm of updates (which for antivirus is critical). With the purchase of GeCad, they have a good antivirus structure, my main question will be if they can give the frequent updates it deserves. (With security patches now coming out only once a month, many times in spite of known vulnerabilities, I wonder…)

Anyway, Microsoft has an entry in their “Malicious software encyclopedia” for the worm installed by the “in the wild” exploit Trojan Downloader information.

The register has more on Windows OneCare Live beta. (OneCare is the name for Microsoft’s new antivirus package.)

Popularity: 1% [?]

   Send article as PDF   

• Network Security guide for the home or small business network - Part 12 - Antispyware I've talked about Antivirus software as an essential. Today we're going to look at Antispyware software. There is a difference. By definition a virus is a piece of software that infects other files or copies itself. A worm is a virus that spreads without user intervention. (From one open network......
• Remove Windows Police Pro I'm seeing a lot of searches for how to remove Windows Police Pro this evening. It looks like it's ALSO the latest flavor of the minute in the rogue security application crowd (take a look at remove Green AV for another rogue). As stated before... my usual path for removing......
• Windows RDP Denial of service vulnerability I just saw this article at zdnet news a few minutes ago. Basically a new security bulletin is out with regards to Windows Remote Desktop Server being vulnerable to a denial of service (DoS) attack. Essentially it affects Windows 2000, XP and Server 2003. It appears that under an overwhelming......

• Microsoft Issues “Cyber Monday” Security Shopping Tips for Consumers Monday, November 29 will be this year’s Cyber Monday,  the Monday following the Friday after Thanksgiving Day, and the second busiest online shopping day of the year in the United States.  Cyber Monday is also one of the busiest online shopping days in the United Kingdom, Germany, and France. For the millions of shoppers worldwide......
• Solidifying WP Security Designed with PHP, and powered by mySQL directories, WordPress is used by an amazing 8.5% of all websites. Web delivered spyware and web page hacking are becoming progressively more common. With such a lot of web content using WordPress as a CMS, any security weaknesses in the CMS structure or......
• Microsoft Security Bulletin MS10-046 - Critical Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) Published: August 02, 2010 | Updated: August 03, 2010 Version: 1.1 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon......

Similar Posts

• Microsoft OneCare and another unofficial patch
• Microsoft Updates for October and bugs on the loose
• Microsoft August Updates
• Massive Windows Update Tuesday
• Internet Explorer 0-day (take 2 of the last few days…)

This entry was posted on Wednesday, November 30th, 2005 at 2:40 pm and is filed under Computers, Security, Spyware, Viruses. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.