Microsoft vulnerability whack-a-mole continues…..



Translation – Microsoft patched one vulnerability, another surfaces…. Incidents.org brings us the frustrating news….

If you remember the Month of Browser Bugs series of exploits back in July, one of them was a denial of service that appears to allow code execution after all. Coincidence or not, it got publicly released after the out-of-cycle Microsoft patch for MSIE.

So…. here are the possible workarounds….


Alternative browser – yeah, I saw the analysis showing that they have had vulnerabilities too. For the most part they’re different, and at this point I don’t know of major unpatched vulnerabilities. The bottom line is there seems to be a very active exploit campaign to keep IE unsafe for daily use – OK, FINE, make THEM try to figure out which other browsers to attack….. Short term, though, it should provide you with a safer haven. (AND IF you’re running Windows 98SE or ME…. that alternative browser is pretty much your best bet at this point, outside of a true upgrade of the base operating system.)

OK – you could disable ActiveX, but… you need to allow it for Windows Update. (And of course, you may need it for any variety of custom uses.) Killbits for this ActiveX control could be used: {844F4806-E8A8-11d2-9652-00C04FC30871} and {E5DF9D10-3B52-11D1-83E8-00A0C90DC849}. (Incidents has prepared an application to take care of the killbit setting/unsetting for you here.) The affected DLL is webvw.dll.
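For anyone who would rather set the killbits by hand, here is an added example (not from the original post and not the Incidents.org tool) that sets, clears and reports the kill bit for the two CLSIDs above. It relies on the standard Windows mechanism: bit 0x400 of the `Compatibility Flags` DWORD under the `ActiveX Compatibility` registry key. The function names are hypothetical.

```powershell
# Added example (not from the original post). Run from an elevated PowerShell prompt.
# The kill bit is bit 0x400 of the "Compatibility Flags" DWORD under the
# "ActiveX Compatibility" key for the control's CLSID.
$KillBit = 0x400
$Bases = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    # 32-bit IE on 64-bit Windows reads the WOW64 view of the same key.
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
) | Where-Object { Test-Path -LiteralPath $_ }
# CLSIDs exactly as given in the post.
$Clsids = @(
    '{844F4806-E8A8-11d2-9652-00C04FC30871}',
    '{E5DF9D10-3B52-11D1-83E8-00A0C90DC849}'
)

# Hypothetical helper: current flags value, or 0 when the key or value is absent.
function Get-CompatFlags([string]$Key) {
    $p = Get-ItemProperty -LiteralPath $Key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($p) { [int]$p.'Compatibility Flags' } else { 0 }
}

# Hypothetical helper: set or clear only the kill bit, preserving other flag bits.
function Set-KillBit([bool]$Enabled) {
    foreach ($base in $Bases) {
        foreach ($clsid in $Clsids) {
            $key = "$base\$clsid"
            if (-not (Test-Path -LiteralPath $key)) { New-Item -Path $key -Force | Out-Null }
            $flags = Get-CompatFlags $key
            if ($Enabled) { $new = $flags -bor $KillBit } else { $new = $flags -band (-bnot $KillBit) }
            New-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' `
                -PropertyType DWord -Value $new -Force | Out-Null
        }
    }
}

# Hypothetical helper: report the state of each CLSID so the change can be verified.
function Get-KillBitStatus {
    foreach ($base in $Bases) { foreach ($clsid in $Clsids) {
        $flags = Get-CompatFlags "$base\$clsid"
        [pscustomobject]@{ Key = "$base\$clsid"; Flags = ('0x{0:X8}' -f $flags)
                           KillBitSet = [bool]($flags -band $KillBit) }
    } }
}

Set-KillBit $true      # use $false to undo the workaround
Get-KillBitStatus | Format-Table -AutoSize
```

Restart Internet Explorer after changing the flag, and clear it again with `Set-KillBit $false` once an official patch is installed if you need the control back.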

As always, keep the antivirus updated, and be cautious with links from unknown/unexpected/untrusted sources. (Email links might be designed to entice you to a page that would exploit this for example.)

Anyone care to take bets that we’ll see another 0-day released within 3 days of October 10?

What all of this means (outside of the fact that Explorer has many problems…) is that there are those that distribute spyware and adware and keyloggers that DON’T want to go away quietly. There are a lot of people making big money with sneak adware installs, probably from keylogger aggregations, etc. Until the economics of that are “attacked” and their costs driven up to where it’s not worth the risk, I suspect the flood will not end. The incentive is not that there are software vulnerabilities. The incentive is that people can make money from them.

–update 10/1/06–
F-Secure has info on this too.

AND Incidents.org is at “yellow alert” as an exploit for this has been seen in the wild. Workarounds as of right now are up-to-date antivirus, the above-mentioned killbits and possible alternative browsers – although there’s a current zero-day against Firefox to keep in mind…. (no exploits in the wild have been reported yet on THAT one.)

Unofficial patches for this are available as well. As usual, unofficial patches are not officially recommended…. (that makes sense..)

–update 10/2/06–
The SecurityFix tells us that Microsoft is now warning about the setslice vulnerability, ANOTHER IE vulnerability and the PowerPoint issue that’s been covered here among other places. It’s certainly a busy week for incident response….

One note that Brian brings us is a suggestion to move to IE7 which so far has proven resistant to these recent Internet Explorer flaws.
