Microsoft vulnerability whack-a-mole continues…..



Translation – Microsoft patched one vulnerability another surfaces…. Incidents.org brings us the frustrating news….

If you remember the month of browser bugs series of exploits back in July, there was a denial of service there that appears to have code execution after all. Coincidence or not, it got publicly released after the out of cycle Microsoft patch for MSIE.

So…. here are the possible workarounds….


Alternative browser – yeah I saw the analysis showing that they have had vulnerabilities too. For the most part they’re different and at this point I don’t know of major unpatched vulnerabilities, the bottom line is there seems to be a very active exploit campaign to keep IE unsafe for daily use – ok FINE make THEM try to figure out which other browsers to attack….. Short term though it should provide you with a safer haven (AND IF you’re running Windows 98SE or ME…. that alternative browser is pretty much your best bet at this point outside of a true upgrade of the base Operating System.)

OK – you could disable activeX, but… you need to allow it for Windows update. (And of course, you may need it for any variety of custom uses.) Killbits for this activeX control could be used….{844F4806-E8A8-11d2-9652-00C04FC30871} and {E5DF9D10-3B52-11D1-83E8-00A0C90DC849} (Incidents has prepared an application to take care of the killbit setting/unsetting for you here. The affected dll is webvw.dll

As always, keep the antivirus updated, and be cautious with links from unknown/unexpected/untrusted sources. (Email links might be designed to entice you to a page that would exploit this for example.)

Anyone care to take bets that we’ll see another 0-day released within 3 days of October 10?

What all of this means (outside of the fact that Explorer has many problems…) is that there are those that distribute spyware and adware and keyloggers that DON’T want to go away quietly. There are a lot of people making big money with sneak adware installs, probably from keylogger aggregations, etc. Until the economics of that is “attacked” and their costs driven up to where it’s not worth the risk, then I suspect the flood will not end. The incentive is not that there are software vulnerabilities. The incentive is that people can make money from them.

–update 10/1/06–
f-secure has info on this too.

AND Incidents.org is at “yellow alert” as an exploit for this has been seen in the wild. – workarounds as of right now are, up-to-date antivirus, the above mentioned killbits and possible alternative browsers – although there’s a current zero-day against firefox to keep in mind…. (no exploits in the wild have been reported yet on THAT one.)

Unofficial patches for this are available as well. As usual, unofficial patches are not officially recommended…. (that makes sense..)

–update 10/2/06–
The SecurityFix tells us that Microsoft is now warning about the setslice vulnerability, ANOTHER IE vulnerability and the Powerpoint issue that’s been covered here among other places. It’s certainly a busy week for incident response….

One note that Brian brings us is a suggestion to move to IE7 which so far has proven resistant to these recent Internet Explorer flaws.

Related Posts

Blog Traffic Exchange Related Posts
  • Microsoft's priorities... I didn't really think of this in context, but George Ou points out that Microsoft issued an "out of cycle" patch for their DRM software in response to the FairUse4WM software that stripped DRM protections from Windows Media Files. It took a mere 3 days from being made aware of......
  • ANOTHER Microsoft patch problem This is getting to be like clockwork, but it sounds like this may be one of the nastiest problems so far. It appears that there is a problem with one of the recent patches from Microsoft MS06-49. It looks as though the problem is data corruption for small files (under......
  • Microsoft Update day for September.... AND Flash... AND Apple Yesterday, of course, Microsoft released it's monthly patches. I found the Windows update site to be painfully slow (and in some cases unresponsive.) It wasn't quite a huge update day by recent standards, but here's the summary.... Incidents.org has a nice chart showing the two re-released patches (one is actually......
Blog Traffic Exchange Related Websites
  • Closing Down a House for the Winter Whether you have a vacation home that will not be in use for the winter, or you will be gone from your home for an extended period of time this season, it is a good idea to properly close up your home for the winter. This is not difficult and......
  • Microsoft Security Bulletin MS10-046 - Critical Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) Published: August 02, 2010¬†|¬†Updated: August 03, 2010 Version: 1.1 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon......
  • Related Websites Welcome to the power of relevant chaos. The Related Websites plugin is the latest to come from the labs of the Blog Traffic Exchange. The Related plugin has been built by a blogger for the benefit of fellow bloggers everywhere. There is no advertising present on member blogs - only......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site