Announcement

Collapse
No announcement yet.

Severe vulnerability

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Severe vulnerability

    Attention to all Windows users (all versions of windows from the first windows to XP)
    "Microsoft is investigating new public reports of a vulnerability in Windows. Microsoft is also aware of the public release of detailed exploit code that could be used to exploit this vulnerability. Based on our investigation, this exploit code could allow an attacker to execute arbitrary code on the user's system by hosting a specially crafted Windows Metafile (WMF) image on a malicious Web site. Microsoft is aware that this vulnerability is being actively exploited.

    Microsoft has determined that an attacker using this exploit would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site. In an e-mail based attack, customers would have to be persuaded to click on a link within a malicious e-mail or open an attachment that exploited the vulnerability. In both the web and email based attacks, the code would execute in the security context of the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Microsoft will continue to investigate these reports and provide additional guidance depending on customer needs.

    Customers are encouraged to keep their anti-virus software up to date. The Microsoft Windows AntiSpyware (Beta) can also help protect your system from spyware and other potentially unwanted software. Customers can also visit Windows Live Safety Center and are encouraged to use the Complete Scan option to check for and remove malicious software that take advantage of this vulnerability. We will continue to investigate these public reports.

    Upon completion of this investigation, Microsoft will take appropriate action to help protect our customers. This will include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. If you are a Windows OneCare user and your current status is green, you are already protected from known malware that uses this vulnerability to attempt to attack systems.

    Microsoft’s investigation into this malicious act is ongoing. We are working closely with our anti-virus partners and aiding law enforcement in its investigation.

    Microsoft encourages users to exercise caution when they open e-mail and links in e-mail from untrusted sources. For more information about Safe Browsing, visit the Trustworthy Computing Web site.

    We continue to encourage customers to follow our Protect Your PC guidance of enabling a firewall, applying software updates and installing antivirus software. Customers can learn more about these steps at the Protect Your PC Web site.

    Customers who believe they have been attacked should contact their local FBI office or post their complaint on the Internet Fraud Complaint Center Web site. Customers outside the U.S. should contact the national law enforcement agency in their country.

    Customers who believe they may have been affected by this issue can also contact Product Support Services. You can contact Product Support Services in the United States and Canada at no charge using the PC Safety line (1 866-PCSAFETY). Customers outside of the United States and Canada can locate the number for no-charge virus support by visiting the Microsoft Help and Support Web site.

    Mitigating Factors:


    In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site.


    In an E-mail based attack of the current exploit, customers would have to be persuaded to click on a link within a malicious e-mail or open an attachment that exploited the vulnerability.


    An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


    By default, Internet Explorer on Windows Server 2003, on Windows Server 2003 Service Pack 1, on Windows Server 2003 with Service Pack 1 for Itanium-based Systems, and on Windows Server 2003 x64 Edition runs in a restricted mode that is known as Enhanced Security Configuration This mode mitigates this vulnerability where the e-mail vector is concerned although clicking on a link would still put users at risk. In Windows Server 2003, Microsoft Outlook Express uses plain text for reading and sending messages by default. When replying to an e-mail message that is sent in another format, the response is formatted in plain text. See the FAQ section of this vulnerability for more information about Internet Explorer Enhanced Security Configuration."


    The vulnerability is exploited by viewing an malicious website in IE. Also can be triggered by viewing an infected email in Outlook.

    I don't if this crap will happen in Firefox and Thunderbird.

    TO PREVENT THIS:

    Copy regsvr32 -u %windir%\system32\shimgvw.dll to unregister shimgvw.dll. Then, click Start - Run - Right-click and click paste and then Click OK. If an infobox appear, click OK.

    Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the
    Windows Picture and Fax Viewer.

    To enable the .dll back

    Modify the above to
    regsvr32 %windir%\system32\shimgvw.dll And click OK in the Run program. If an infobox appear, click OK.
    Irfan Faiz Nazerollnizam. Computer geek and gamer

  • #2
    Time to switch to Mac. I did, and I love it.

    Comment


    • #3
      Using Outlook? No.
      Using IE? Hell no!
      Doing regular updates/backups of everything? Of course.
      At a risk? Not more than using a Mac .

      Comment


      • #4
        I have all my important stuff on a second hard drive. And I use Firefox, and web-based e-mail, so I franky don't give a shit. Stuff like this comes out all the time, I don't even both updating windows, runs great.

        Comment


        • #5
          I haven't had a virus problem in over a year.
          Ad aware. Get it.

          Comment


          • #6
            meh

            Comment

            Working...
            X