New Zero Day Windows Vulnerability

BigV • Mar 30, 2007 7:07 pm
Dog Windows all you want, it pays the bills for me. And today I'm earning my pay. As a courtesy to all my friends in the same boat around here, I offer this urgent warning: Get this patch. Now.

Here's why:

March 30, 2007 (Computerworld) -- The Windows zero-day bug now being used by attackers is extremely dangerous, security researchers said today, and ranks with the Windows Metafile vulnerability of more than a year ago on the potential damage meter.

"This is a good exploit," Roger Thompson, CTO of Exploit Prevention Labs, said in an instant message exchange. "It's very dangerous. One of the reasons is that there's no crash involved...it's instantaneous. And all it takes is visiting a site."

...

"This is reminiscent of the former Windows Metafile (WMF) attacks from 2005 and 2006," Ken Dunham, director of VeriSign Inc.'s iDefense rapid response team, said in an e-mail. "It's trivial to update, multiple sites now host the code in a short period of time, and the highly virulent file exploitation vector within Windows Explorer exists."


Break's over--get busy people.
Kitsune • Apr 2, 2007 5:02 pm
Oh, for the love of... :smack:
glatt • Apr 2, 2007 5:14 pm
But Firefox is immune, right?
mbpark • Apr 2, 2007 8:17 pm
This is a system-level problem with how Windows handles .ANI cursor animations.

In other words, it doesn't matter what you run on top of Windows. If you get this, you've got issues with your PC.
BigV • Apr 3, 2007 11:45 am
The latest news is that MS will be releasing a patch *today* to fix this problem. I have just visited the Microsoft Update page, and no patch is available yet. But watch this space. It should happen today.

By the way, the third party patch described in the OP installed fine for me, and like most defensive measures, there's no way to tell if it did its job. Anyway, many others in my organization did have trouble with it, but all those troubles were related to the distribution method, not to the patch itself. It remains to be seen what complications I face when the MS patch comes out and I have a mixed set of systems with the 3rd party patch applied and some without. I reckon the "without" group will have the least trouble. I may find the "with" group will need to have the patch uninstalled. Lovely.
BigV • Apr 3, 2007 1:39 pm
Order UP!

Your patch is ready. Check Microsoft Update or Windows Update.
Beestie • Apr 7, 2007 8:46 am
And then don't forget to get the patch to fix the patch. :smack:
BigV • Apr 10, 2007 12:44 pm
*whimpers*

Please, just make it stop. UNCLE, already.
Perry Winkle • Apr 10, 2007 9:14 pm
/grant hugs his copy of Parallels