Had fun with this today...(computer security issue)

Might want to take a look at this...every Windows OS from 2000 on is vulnerable.

http://mobile.computerworld.com/htm...ticleBasic&articleId=9015138&intsrc=news_list

JM-99

Yeah there was an alert out about that one yesterday.

I almost forgot about it till I realized my wife spends hours each day on the web using a Windows PC.

has it scewed up systems you are responsible for, Jumpmaster?



Daniel

gadget_lover said:

has it scewed up systems you are responsible for, Jumpmaster?

Click to expand...

I'll find out Monday.

I was helping a friend with problems with this today...it completely screwed up several critical systems there.

JM-99

Here's (some of) what MSFT has to say about it:

Microsoft is investigating new public reports of attacks exploiting a vulnerability in the way Microsoft Windows handles animated cursor (.ani) files. In order for this attack to be carried out, a user must either visit a Web site that contains a Web page that is used to exploit the vulnerability or view a specially crafted e-mail message or email attachment sent to them by an attacker.

Click to expand...

It looks like one can be compromised via a website without having to download anything. The exploit will have the same permissions as the local user - so don't be logging in as root, like you've always been taught!

I always knew that Comet Cursor and its ilk was out to get me!

The register suggests Firefox users are immune from a "drive by."

Larry

idleprocess said:

Here's (some of) what MSFT has to say about it:

It looks like one can be compromised via a website without having to download anything.

Click to expand...

You are downloading and opening files when you visit a website. Your web browser figures out, by the type and context of the files, what it should do with them. If it can't tell, you're given that save as dialog. But just because you don't get that doesn't mean the same underlying process is not happening. It is.

From the BBC:
"Security firms said users can stay safe from this vulnerability by using an alternative browser, such as Opera or Firefox 2.0, with Windows. Also protected are those using Windows Vista with Internet Explorer 7.0."

From what I read, IE7 must be in protected mode, too. So, another case of being pretty safe without having to work at it (if you primarily use IE on your home machine...well, switch to something else, ASAP! This isn't the first, and won't be the last time!). It's businesses using whole MS systems, and thus being tied to IE, that are going to be nailed by this. Even with perimeter security is place, this can get by with a user that's used to IE going to browse the web.

cerbie said:

You are downloading and opening files when you visit a website. Your web browser figures out, by the type and context of the files, what it should do with them. If it can't tell, you're given that save as dialog. But just because you don't get that doesn't mean the same underlying process is not happening. It is.

Click to expand...

[sigh]

Of course you're downloading files when you open a website. Any embedded/referenced page element is executed if the browser knows what to do with it - HTML, images, scripts, plug-ins, etc. The trick seems to be that this exploit is automatically executed by many browsers as an embedded or referenced file. For many file types, saving it to disk is a desirable default action.

A large percentage of web exploits require the user to do something - download and execute a file, give some script permissions, install a malicious plug-in, etc. This doesn't, so it's a much bigger problem. Way to go, Microsoft.

We can all unlax, Uncle Bill's on it!

Larry

I only use IE when I absolutely have to in order to access a website that was created by MS tunnelheads. While that leaves my penetrability at something less than zero, it's close enough for practical purposes.

Now if we could only convince more webmasters to code for multiple browsers...

Just another reason I've used Opera as a browser for many years. It is not based on the Internet Explorer engine as so many others are. That and NAT and a fine tuned firewall and up to date virus protection are all necessary things. I ran my browser on the 'Test' page and it did NOT crash as IE would if unpatched.