Feb 15th: New year new bugs
Posted: 2004-01-28 01:41am
Get your fill of sci-fi, science, and mockery of stupid ideas
https://bbs.stardestroyer.net/
Currently, there is no complete solution for this vulnerability. Until a patch is available, consider the workarounds listed below.
Disable ITS protocol handlers
Disabling ITS protocol handlers appears to prevent exploitation of this vulnerability. Delete or rename the following registry keys:
Disabling these protocol handlers will significantly reduce the functionality of the Windows Help system and may have other unintended consequences. Plan to undo these changes after patches have been tested and installed.Code: Select all
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\{ms-its,ms-itss,its,mk}
Follow good Internet security practices
These recommended security practices will help to reduce exposure to attacks and mitigate the impact of cross-domain vulnerabilities.
- Disable Active scripting and ActiveX controls
NOTE: Disabling Active scripting and ActiveX controls will not prevent the exploitation of this vulnerability.
Disabling Active scripting and ActiveX controls in the Internet and Local Machine Zones may stop certain types of attacks and will prevent exploitation of different cross-domain vulnerabilities. Disable Active scripting and ActiveX controls in any zones used to read HTML email.
Disabling Active scripting and ActiveX controls in the Local Machine Zone will prevent malicious code that requires Active scripting and ActiveX controls from running. Changing these settings may reduce the functionality of scripts, applets, Windows components, or other applications. See Microsoft Knowledge Base Article 833633 for detailed information about security settings for the Local Machine Zone. Note that Service Pack 2 for Windows XP includes these changes.- Do not follow unsolicited links
Do not click on unsolicited URLs received in email, instant messages, web forums, or Internet relay chat (IRC) channels.- Maintain updated anti-virus software
Anti-virus software with updated virus definitions may identify and prevent some exploit attempts. Variations of exploits or attack vectors may not be detected. Do not rely solely on anti-virus software to defend against this vulnerability. More information about viruses and anti-virus vendors is available on the US-CERT Computer Virus Resources page.
CERT recommends that Explorer users consider other browsers that are not affected by the attack, such as Mozilla, Mozilla Firefox, Netscape and Opera. Mac, Linux and other non-Windows operating systems are immune from this attack. For people who continue to use the Internet Explorer, CERT and Microsoft recommend setting the browser's security settings to "high," but that can impair some browsing functions.
The fix is just in:Crayz9000 wrote:Another VERY BAD Internet Explorer hole has been discovered -- actually, two. Only one of them is fixed by WinXP Service Pack 2.
The only known solution right now is to disable Active Scripting for all but the websites that you trust.
The Secunia advisory can be read if you want more information.
Sounds like yet another variant of CWS to me. And I though lop.com and xupiter were bad?! Ha!Crayz9000 wrote:El Reg reports that a yet-unnamed worm similar to Download.Ject is spreading via AIM and ICQ, with the message apparently being "My personal home page http://XXXXXXX.X-XXXXXX.XXX/" The page it links to is filled with exploits and malware goodness.
This is only a concern if your default browser is Internet Explorer, and then again, you shouldn't really be dumb enough to open links from complete strangers in IM anyway.
This update resolves a newly-discovered, privately reported vulnerability. A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system. The vulnerability is documented in this bulletin in its own section.
If a user is logged on with administrator privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
Microsoft recommends that customers apply the update immediately.
True but it affects a shitload of other applications:phongn wrote:Said bug does not apply to XP SP2, BTW
Affected Software:
Microsoft Windows XP and Microsoft Windows XP Service Pack 1 – Download the update
Microsoft Windows XP 64-Bit Edition Service Pack 1 – Download the update
Microsoft Windows XP 64-Bit Edition Version 2003 – Download the update
Microsoft Windows Server™ 2003 – Download the update
Microsoft Windows Server 2003 64-Bit Edition – Download the update
Microsoft Office XP Service Pack 3 – Download the update
Microsoft Office XP Service Pack 2 – Download the administrative update
Microsoft Office XP Software:
Outlook® 2002
Word 2002
Excel 2002
PowerPoint® 2002
FrontPage® 2002
Publisher 2002
Microsoft Office 2003 – Download the update
Microsoft Office 2003 Software:
Outlook® 2003
Word 2003
Excel 2003
PowerPoint® 2003
FrontPage® 2003
Publisher 2003
InfoPath™ 2003
OneNote™ 2003
Microsoft Project 2002 Service Pack 1 (all versions) – Download the update
Microsoft Project 2003 (all versions) – Download the update
Microsoft Visio 2002 Service Pack 2 (all versions) – Download the update
Microsoft Visio 2003 (all versions) – Download the update
Microsoft Visual Studio .NET 2002 – Download the update
Microsoft Visual Studio .NET 2002 Software:
Visual Basic .NET Standard 2002
Visual C# .NET Standard 2002
Visual C++ .NET Standard 2002
Microsoft Visual Studio .NET 2003 – Download the update
Microsoft Visual Studio .NET 2003 Software:
Visual Basic .NET Standard 2003
Visual C# .NET Standard 2003
Visual C++ .NET Standard 2003
Visual J# .NET Standard 2003
The Microsoft .NET Framework version 1.0 SDK Service Pack 2 – Download the update
Microsoft Picture It!® 2002 (all versions) – Download the update
Microsoft Greetings 2002 – Download the update
Microsoft Picture It! version 7.0 (all versions) – Download the update
Microsoft Digital Image Pro version 7.0 – Download the update
Microsoft Picture It! version 9 (all versions, including Picture It! Library) – Download the update
Microsoft Digital Image Pro version 9 – Download the update
Microsoft Digital Image Suite version 9 – Download the update
Microsoft Producer for Microsoft Office PowerPoint (all versions) – Download the update
Microsoft Platform SDK Redistributable: GDI+ - Download the update
New IM Worm On The Loose
Posted by CmdrTaco on Monday October 11, @07:28PM
from the head-for-the-hills dept.
elfarto writes "Techweb is reporting that a new worm that spreads via Microsoft's instant messaging client began badgering users Monday, several security firms said. Dubbed Funner, the worm propagates by sending itself to all the contacts listed in the user's copy of MSN Messenger, Microsoft's IM client. There is an analysis on Symantec Security Response Site; apparently the worm tries to download stuff from www.78p.com and adds entries to the hosts file pointing to more that 400 Chinese porn sites. The worm also sends itself to the whole contact list as funny.exe so it requires the user interaction to actually execute it. "
Then, there's a less critical Mozilla/Firefox/Camino bug that has to do with the tabbed browsing setup. It's been an annoyance for a while now since Mozilla doesn't control where your keyboard focus is.Description:
http-equiv has discovered two vulnerabilities in Internet Explorer, which can be exploited by malicious people to compromise a user's system, link to local resources, and bypass a security feature in Microsoft Windows XP SP2.
Solution:
Disable Active Scripting or use another product.
Description:
Secunia Research has discovered two vulnerabilities in Mozilla, Mozilla Firefox, and Camino, which can be exploited by malicious web sites to obtain sensitive information and spoof dialog boxes.
The vulnerability has been confirmed in the following versions:
* Mozilla 1.7.2 and 1.7.3
* Mozilla Firefox 0.10.1
Other versions may also be vulnerable.
Solution:
Don't visit trusted web sites while visiting untrusted web sites or disable JavaScript.