Posted on 12/28/2005 5:45:47 PM PST by Salo
Security researchers have released instructions for exploiting a previously unknown security hole in Windows XP and Windows 2003 Web Server with all of the latest patches applied.
(Excerpt) Read more at blogs.washingtonpost.com ...
Pings.
Thanks. I searched on the headline and it came up clean.
Yeah that happens sometimes when folks change the headlines ......stay safe !
Damn you, Ernest! :-) /shakes fist
Start - Run - regsvr32 /u shimgvw.dll
This will disable the vulnerable component, Windows Fax and Picture Viewer. Alternatively, you can use Folder Options - File Types to change the association for .WMF files to something other than that program.
or switch to Apple or Linux and open Office
I didn't use the Washington Post as the source Document since they require extraction and weren't as close to the original as my source.....I thought that was Fair....Hehehe
Here we go again...
All operating systems are vulnerable...even proprietary private ones...and EVEN your holy grails Apple and Linux...
90% of the common computing planet run on Win OS systems...and the world is not ending tomorrow...
Very good !........:o)
Freethinking freeper !!
No they are not!
Windows has specific architectural flaws (from a security standpoint) that neither Linux nor Apple's OS have (or for that matter, any Unix-like OS). For instance, the graphics drivers run in-kernel, so a bug in the graphics driver can bring down the whole system.
snip.....
Two of the vulnerabilities lie in the way the Linux kernel--the core of the open-source operating system--manages memory. They affect all current versions of Linux, according to advisories released on Wednesday by iSEC Security Research, a Polish security company. The third flaw affects the module for the kernel that supports ATI Technologies' Rage 128-bit video card.
----end snip
I find it so amusing how a flaw in Windows always translates into another OS being superior because it doesn't share the flaw...That's like saying a Ford is better than a Chevy because Chevy fuel tanks explode....the logical disconnect typically doesn't even warrant a response....
That's nice... enjoy your XP trojans, viruses, adware, and spyware... all several tens of thousands of them.
"Any application that automatically displays a WMF image will cause the users' machines to get infected."
"This includes older versions of Firefox, current versions of Opera, Outlook and all current versions of Internet Explorer on all versions of Windows."
http://sunbeltblog.blogspot.com/2005/12/new-exploit-blows-by-fully-patched.html
All operating systems are not *equally* vulnerable. I could store valuables in my unlocked car, or I could put them in a safe in my home. Neither method can guarantee their security, but one has a much better chance than the other.
See tagline for zig.
"You might want to block these sites at your firewall while waiting for a Microsoft patch:"
Crackz [dot] ws
unionseek [dot] com
www.tfcco [dot] com
Iframeurl [dot] biz
beehappyy [dot] biz
And funnily enough, according to WHOIS, domain beehappyy.biz is owned by a previous president of Soviet Union:
Registrant Name: Mikhail Sergeevich Gorbachev
Registrant Address1: Krasnaya ploshad, 1
Registrant City: Moscow
Registrant Postal Code: 176098
Registrant Country: Russian Federation
Registrant Country Code: RU
"Krasnaya ploshad" is the Red Square in Moscow...
"Do note that it's really easy to get burned by this exploit if you're analysing it under Windows. All you need to do is to access an infected web site with IE or view a folder with infected files with the Windows Explorer."
"As a precaution, we recommend administrators to block access to unionseek[DOT]com and to filter all WMF files at HTTP proxy and SMTP level."
"F-Secure Anti-Virus detects the offending WMF file as W32/PFV-Exploit with the 2005-12-28_01 updates."
"We expect Microsoft to issue a patch on this as soon as they can."
http://www.f-secure.com/weblog/archives/archive-122005.html#00000752
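Added example, not part of the original thread or of F-Secure's post: a sketch of the "filter all WMF files at HTTP proxy and SMTP level" advice that checks the file header as well as the extension, so a metafile saved under another name is still caught. The function names and sample files are constructed for illustration; the header values are those of the Windows Metafile format.

```python
import struct

PLACEABLE_KEY = 0x9AC6CDD7  # optional 22-byte "placeable" preamble
PLACEABLE_LEN = 22
META_HEADER_LEN = 18        # standard header: 9 little-endian words


def looks_like_wmf(data: bytes) -> bool:
    """True if data starts with a Windows Metafile header."""
    offset = 0
    if len(data) >= 4 and struct.unpack_from("<I", data)[0] == PLACEABLE_KEY:
        offset = PLACEABLE_LEN
    if len(data) < offset + META_HEADER_LEN:
        return False
    # Type (1 = memory, 2 = disk), header size in words, format version.
    ftype, header_words, version = struct.unpack_from("<HHH", data, offset)
    return ftype in (1, 2) and header_words == 9 and version in (0x0100, 0x0300)


def verdict(filename: str, data: bytes) -> str:
    """Filter decision for one HTTP response body or mail attachment."""
    if filename.lower().endswith(".wmf"):
        return "block: .wmf extension"
    if looks_like_wmf(data):
        return "block: WMF content under another name"
    return "allow"


# Constructed samples (not real files): a minimal metafile header plus EOF record.
_HEADER = struct.pack("<HHHIHIH", 1, 9, 0x0300, 12, 0, 3, 0)
_EOF = struct.pack("<IH", 3, 0)
SAMPLES = {
    "card.wmf": _HEADER + _EOF,
    "holiday.jpg": _HEADER + _EOF,  # metafile renamed to .jpg
    "logo.gif": struct.pack("<I", PLACEABLE_KEY) + bytes(18) + _HEADER + _EOF,
    "photo.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + bytes(16),
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(f"{name:12} {verdict(name, body)}")
```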
Thought you might like to see this... if you haven't already.
"I have zero problems and have never had a problem caused by a virus or spyware...ever..."
Not having any problem is different than not being infected. You could be infected and keystroke monitored, for example, and never know it.
"I enjoy a million more choices in software and data services and make a living sitting at this computer everyday trading the markets..."
Most trading software is web based these days and works equally well on any platform.
"There isn't any decent retail technical analysis software available for any other OS but this one..."
Not my area of expertise.. but...
"I also program my own trading apps using C# NET in the most powerful retail integrated development environment known to man..MS Visual Studio NET...a masterpiece of program engineering..."
Have you given Eclipse a shot? It's pretty nifty. I used to develop on win32... porting apps from one version of visual studio to another is a real drag. Not very forward compatible!
"Chicken Little Linux and Apple cult members will never convince me a better solution for my needs exists..."
No one is arguing that the sky is falling, so that's a bad analogy.
"Despite the fact that right now...there are hundreds of thousands of malicious programmers trying to bring down the mighty MSFT....it ain't going to happen..."
It happens to the mighty MSFT's software on a weekly basis.
"and it's a testament to the OS that it has withstood this withering barrage of attacks"
Yeah... withstood a withering barrage of attacks... heheh. Right.
"and malcontents..."
Malcontent: a person who is discontented or disgusted
Damn right!
Linux fubar.(private infoz!) 2.6.11-1.1369_FC4 #1 Thu Jun 2 22:55:56 EDT 2005 i686 i686 i386 GNU/Linux
ping
Technical analysis software is client sided...it consumes data at a prodigious pace on the client...typically through sockets, or a proprietary binary protocol...
The problem is that 99 to 1, applications commonly available for client installation are windows based...
The supertanker's course cannot be changed by attempting to point out that a better steering mechanism is available 'over here'...
Meanwhile all hands are on deck and functioning in concurrence with direction of the ship...
It's not enough to point out the flaws...we know they are there...
why on earth would windows need a patch? :)
Performance is spelled incorrectly.