Skip to comments.
Patch Tuesday: Microsoft raises alert for dangerous IE, Windows flaws
ZDnet ^
| 12 Jun 2012
| Ryan Naraine
Posted on 06/13/2012 9:39:00 PM PDT by OldEarlGray
click here to read article
Navigation: use the links below to view more comments.
first 1-20, 21-40, 41-60, 61-78 next last
"These changes follow the incredible discovery that attackers with nation-state backing hacked the Windows Update utility to spoof certificates and spread the Flame malware within Windows networks"
Hmm. Let us ask the good Lutheran question: "What does this mean?"
Anybody? Anybody? Buuuuhler?
To: Travis McGee; CodeToad
“All your base classes are belong to us, hahaha” ping.
2
posted on
06/13/2012 9:41:20 PM PDT
by
OldEarlGray
(The POTUS is FUBAR until the White Hut is sterilized with Tea)
To: OldEarlGray
That means that your next automatic “Windows Update” could come all the way from North Korea.
To: OldEarlGray
It means you should be using Firefox.
4
posted on
06/13/2012 9:44:51 PM PDT
by
bossmechanic
(If all else fails, hit it with a hammer)
To: OldEarlGray
to hijack and take complete control of vulnerable machines.Wouldn't you notice if your computer was hijacked?
And wouldn't you then just unplug it?
To: bossmechanic
>>it means you should be using firefox.
The compromise of(or the ability to spoof/fake) Microsoft’s signing certificates is much more than just a browser issue.
6
posted on
06/13/2012 9:50:21 PM PDT
by
OldEarlGray
(The POTUS is FUBAR until the White Hut is sterilized with Tea)
To: Lancey Howard
>>Wouldn’t you notice if your computer was hijacked?
Not if the attacker is operating “low and slow”.
This has been a topic of discussion here at Microsoft’s TechEd all week.
7
posted on
06/13/2012 9:56:06 PM PDT
by
OldEarlGray
(The POTUS is FUBAR until the White Hut is sterilized with Tea)
To: OldEarlGray
I never do auto updates, I want to see what it is
8
posted on
06/13/2012 9:56:16 PM PDT
by
markman46
(engage brain before using keyboard!!!)
To: OldEarlGray
HUH? How could anybody be caught out with a cert key
less than 1024 bits??
I haven't allowed anything shorter than 2048 bits to be generated in our shop in a couple of years. It's not hard -- just specify the number when making the key.
How tough is that? WTF?
9
posted on
06/13/2012 9:57:37 PM PDT
by
dayglored
(Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
To: Revolting cat!
Say hello to the WU Man in the Middle.
10
posted on
06/13/2012 9:58:37 PM PDT
by
OldEarlGray
(The POTUS is FUBAR until the White Hut is sterilized with Tea)
To: OldEarlGray
Queue the apple evangelics 1...2...3...
11
posted on
06/13/2012 10:01:05 PM PDT
by
Carolina_Thor
(It's always better to be thought a fool, than to open your mouth and remove all doubt.)
To: Carolina_Thor
Naw, it’s the EUNUCHS boys we’re expecting!
To: Revolting cat!
To: dayglored
Some shops have development tools that are more than just a couple of years old.
Dunno how many bits those dlls were signed with, but I’d expect good FR SA folks might want to inventory their legacy software artifacts post haste.
14
posted on
06/13/2012 10:06:20 PM PDT
by
OldEarlGray
(The POTUS is FUBAR until the White Hut is sterilized with Tea)
To: OldEarlGray
Malware can be a thing of the past of you familiarize yourself with and use a program called "Sandboxie".
It's cheap and it works. I started using it after I got sick and tired of having to clean up malware. A lot of times, you sit around wondering if you are infected and don't even know it. Are you? anyway, I got sick of it and I won't use a web browser anymore unless it runs in a sandbox. I highly encourage people to investigate and use this. There is a 30 day free trial... just google the program name.
This is no substitute for keeping your PC patched up to date, but it takes all the worry out of using email or web browsers.
15
posted on
06/13/2012 10:32:51 PM PDT
by
FunkyZero
(... I've got a Grand Piano to prop up my mortal remains)
To: bossmechanic
Are the "Microsoft" assemblies listed here real...
...or are they, something else?
Personally, I don't find it disturbing at all that centrifuges under the control of insane religious tyrant thugs had an "accident"; and if that's what it takes to keep our wives and daughters from being forced to wear a burkha, then by all means - CHARLIE MIKE and blow up some more shyte.
But, folks should know that at least one of the [foreign born] security presenters here at MS TechED was quacking all indignantly about that incident -- whilst lamenting the demise of the Anonymice.
16
posted on
06/13/2012 10:35:51 PM PDT
by
OldEarlGray
(The POTUS is FUBAR until the White Hut is sanitized with American Tea)
To: FunkyZero
You don’t have to use a web browser to be infected with malware.
17
posted on
06/13/2012 10:39:09 PM PDT
by
OldEarlGray
(The POTUS is FUBAR until the White Hut is sanitized with American Tea)
To: OldEarlGray
Web browsing is how 90% of PC's get infected. The other 10% come from email (normally running in a web browser as well).
Also, if you actually looked at the program, you would see that ANY executable program can be ran sandboxed, not just web browsers.
18
posted on
06/13/2012 10:46:34 PM PDT
by
FunkyZero
(... I've got a Grand Piano to prop up my mortal remains)
To: FunkyZero
>>This is no substitute for keeping your PC patched up to date
Keeping your PC patched up to date is important but that’s not enough.
How many folks are reading this whilst [needlessly] logged in using a UserID that has Administrative privileges [by default] assigned to it?
Or without a firewall and up to date virus protection?
Or without the most recent OS security patches applied by the Automated Updated Utility, that’s signed by Microsoft... or not?
19
posted on
06/13/2012 11:00:38 PM PDT
by
OldEarlGray
(The POTUS is FUBAR until the White Hut is sanitized with American Tea)
To: FunkyZero
Baloney.
SQL injection uses neither “Web Browsing” nor “Email”.
If I want a sandbox, I’ll use a VM.
20
posted on
06/13/2012 11:08:43 PM PDT
by
OldEarlGray
(The POTUS is FUBAR until the White Hut is sanitized with American Tea)
Navigation: use the links below to view more comments.
first 1-20, 21-40, 41-60, 61-78 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson