New Zero Day Windows Vulnerability

BigV · 03-30-2007, 06:07 PM

Dog Windows all you want, it pays the bills for me. And today I'm earning my pay. As a courtesy to all my friends in the same boat around here, I offer this urgent warning: Get this patch. Now.

Here's why:

Quote:

March 30, 2007 (Computerworld) -- The Windows zero-day bug now being used by attackers is extremely dangerous, security researchers said today, and ranks with the Windows Metafile vulnerability of more than a year ago on the potential damage meter.

"This is a good exploit," Roger Thompson, CTO of Exploit Prevention Labs, said in an instant message exchange. "It's very dangerous. One of the reasons is that there's no crash involved...it's instantaneous. And all it takes is visiting a site."

...

"This is reminiscent of the former Windows Metafile (WMF) attacks from 2005 and 2006," Ken Dunham, director of VeriSign Inc.'s iDefense rapid response team, said in an e-mail. "It's trivial to update, multiple sites now host the code in a short period of time, and the highly virulent file exploitation vector within Windows Explorer exists."

Break's over--get busy people.

Kitsune · 04-02-2007, 04:02 PM

Oh, for the love of...

glatt · 04-02-2007, 04:14 PM

But Firefox is immune, right?

mbpark · 04-02-2007, 07:17 PM

This is a system-level problem with how Windows handles .ANI cursor animations.

In other words, it doesn't matter what you run on top of Windows. If you get this, you've got issues with your PC.

BigV · 04-03-2007, 10:45 AM

The latest news is that MS will be releasing a patch *today* to fix this problem. I have just visited the Microsoft Update page, and no patch is available yet. But watch this space. It should happen today.

By the way, the third party patch described in the OP installed fine for me, and like most defensive measure, there's no way to tell if it did its job. Anyway, many others in my organization did have trouble with it, but all those troubles were related to the distribution method, not to the patch itself. It remains to be seen what complications I face when the MS patch comes out and I have a mixed set of systems with the 3rd party patch applied and some without. I reckon the "without" group will have the least trouble. I may find the "with" group will need to have the patch uninstalled. Lovely.

BigV · 04-03-2007, 12:39 PM

Order UP!

Your patch is ready. Check Microsoft Update or Windows Update.

Beestie · 04-07-2007, 07:46 AM

And then don't forget to get the patch to fix the patch.

BigV · 04-10-2007, 11:44 AM

*whimpers*

Please, just make it stop. UNCLE, already.

Perry Winkle · 04-10-2007, 08:14 PM

/grant hugs his copy of Parallels

04-02-2007, 07:17 PM	#4
mbpark Lecturer Join Date: Jan 2001 Location: Carmel, Indiana Posts: 761	No This is a system-level problem with how Windows handles .ANI cursor animations. In other words, it doesn't matter what you run on top of Windows. If you get this, you've got issues with your PC.

04-03-2007, 10:45 AM	#5
BigV Goon Squad Leader Join Date: Nov 2004 Location: Seattle Posts: 27,063	The latest news is that MS will be releasing a patch today to fix this problem. I have just visited the Microsoft Update page, and no patch is available yet. But watch this space. It should happen today. By the way, the third party patch described in the OP installed fine for me, and like most defensive measure, there's no way to tell if it did its job. Anyway, many others in my organization did have trouble with it, but all those troubles were related to the distribution method, not to the patch itself. It remains to be seen what complications I face when the MS patch comes out and I have a mixed set of systems with the 3rd party patch applied and some without. I reckon the "without" group will have the least trouble. I may find the "with" group will need to have the patch uninstalled. Lovely. __________________ Be Just and Fear Not.

04-03-2007, 12:39 PM	#6
BigV Goon Squad Leader Join Date: Nov 2004 Location: Seattle Posts: 27,063	Order UP! Your patch is ready. Check Microsoft Update or Windows Update. __________________ Be Just and Fear Not.

04-07-2007, 07:46 AM	#7
Beestie -◊\|≡·∙■·∙≡\|◊- Join Date: Feb 2003 Location: Parts unknown. Posts: 4,081	And then don't forget to get the patch to fix the patch. __________________ ♠ ♥ ♣ ♦

04-10-2007, 11:44 AM	#8
BigV Goon Squad Leader Join Date: Nov 2004 Location: Seattle Posts: 27,063	whimpers Please, just make it stop. UNCLE, already. __________________ Be Just and Fear Not.

04-02-2007, 04:02 PM	#2
Kitsune still eats dirt Join Date: Sep 2003 Location: Tampa, FL Posts: 3,031	Oh, for the love of...

04-02-2007, 04:14 PM	#3
glatt ™ Join Date: Jul 2003 Location: Arlington, VA Posts: 27,717	But Firefox is immune, right?

04-10-2007, 08:14 PM	#9
Perry Winkle Esnohplad Semaj Ton Join Date: Feb 2005 Location: A little south of sanity Posts: 2,259	/grant hugs his copy of Parallels

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)