dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
5009
share rss forum feed


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3

1 recommendation

reply to redwolfe_98

Re: IE Zero-Day

IE is being patched Mon Jan 14th

»Microsoft Security Bulletin Advance Notification for 14th!
--
Don't feed trolls--it only makes them grow!


antdude
A Matrix Ant
Premium,VIP
join:2001-03-25
United State
kudos:5
Reviews:
·Time Warner Cable
reply to Blackbird
said by Blackbird:

As with all software patches, from all sources, they'll roll out a patch when and if they're ready. First they have to determine the scope of the causal factors, then find fixes that don't break things, then test against all manner of system setups. Each step takes time to be done properly, and little can be accomplished by trying to do the steps in parallel.

Yep, don't rush them. We don't want a buggy release.
--
Ant @ AQFL.net and AntFarm.ma.cx. Please do not IM/e-mail me for technical support. Use this forum or better, »community.norton.com ! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer.


Blackbird
Built for Speed
Premium
join:2005-01-14
Fort Wayne, IN
kudos:3
Reviews:
·Frontier Communi..

1 recommendation

reply to redwolfe_98
As with all software patches, from all sources, they'll roll out a patch when and if they're ready. First they have to determine the scope of the causal factors, then find fixes that don't break things, then test against all manner of system setups. Each step takes time to be done properly, and little can be accomplished by trying to do the steps in parallel.
--
“The American Republic will endure until the day Congress discovers that it can bribe the public with the public's money.” A. de Tocqueville

slajoh01

join:2005-04-23

3 edits

1 recommendation

reply to 47717768
Will MS ever roll out this patch in the near future for IE 8?

Thanks!!!


47717768
Premium
join:2003-12-08
Birmingham, AL
kudos:2
reply to redwolfe_98
Just checked Windows Updates, and 9 security updates were listed.


therube

join:2004-11-11
Randallstown, MD
Reviews:
·Comcast
·Verizon Online DSL
reply to redwolfe_98
"... Even though a security company has revealed that it had managed to bypass Microsoft’s one-click “Fix it” solution for Internet Explorer 8 and older, the Redmond-based software firm says that users are fully protected if they deploy the patch.

“We’ve reviewed the information and are working on an update, which we will make available to all customers on IE6-8 as soon as it is ready for distribution,” said Dustin Childs, group manager, Microsoft Trustworthy Computing, according to ThreatPost.

“In the meantime, the current Fix it, mitigations and workarounds available in Security Advisory 2794220 fully protect against all known active attacks. We also continue to encourage customers to upgrade their browsers to IE9-10, which are not affected by this issue.”

While Internet Explorer 9 and Internet Explorer 10 are not affected by the issue, security vendors across the globe are confirming that more websites have been compromised in order to exploit the flaw.

“The whole point of the waterhole tactic is that they believe such sites, although usually not with high numbers of users, will have interesting visitors,” said Jindrich Kubec, Avast Virus Lab’s director of Threat Intelligence. “At least two of the sites use the same spyware binary with exactly same configuration. The rest look a bit different, but we haven’t investigated it thoroughly yet.”..."

»news.softpedia.com/news/Microsof···47.shtml
Expand your moderator at work


trparky
Apple... YUM
Premium,MVM
join:2000-05-24
Cleveland, OH
kudos:2
reply to slajoh01

Re: IE Zero-Day

EMET would be the best bet in that kind of situation.

slajoh01

join:2005-04-23
reply to chachazz
Where I work, we still use IE 8. What should companies urge to do in the meantime while MS decides to roll up the patch for this?

We cannot upgrade to IE 9 or 10.

And also, we not allowed to use Firefox and other browsers either.

The workarounds explained on the MS site, is to extend the Internet/Intranet Security zones to HIGH, and thats no good for the users because IE is then worthless to use....unless adding those sites in the Trusted Zones.

And also, even though if MS decides to roll out the patch on Tuesday, our IT department has to still then delay the patch deployment for about a week in order to test it with our applications.

So what should companies like this do in this case if this is a huge exploit???


chachazz
Premium
join:2003-12-14
kudos:9
reply to trparky
Internet Explorer 9 and 10 are not vulnerable to this exploit.


chachazz
Premium
join:2003-12-14
kudos:9
reply to redwolfe_98
Internet Explorer zero-day exploit found on more websites.
»nakedsecurity.sophos.com/2013/01···ebsites/


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3

1 recommendation

reply to trparky
Well regardless XP/Vista/Win7 users would be well served by installing/configuring it. Win8 I'm not sure.
--
Don't feed trolls--it only makes them grow!


trparky
Apple... YUM
Premium,MVM
join:2000-05-24
Cleveland, OH
kudos:2
Reviews:
·AT&T U-Verse
reply to trparky
ASLR and exploit mitigations
Address Space Layout Randomization (ASLR) was introduced in Windows Vista and is essentially a technique to mitigate the infamous “Buffer Overrun” vulnerabilities by randomly moving the location of code and data in memory. In Windows 8 randomization is increased in order to foil known techniques for bypassing ASLR. Other mitigations include changes to the Windows kernel and heap, including new integrity checks and randomization using a similar approach to ASLR. Internet Explorer 10 will also benefit from these changes: besides including an “Enhanced Protected Mode” sandbox, there will be a “ForceASLR” option in IE10 that can randomize all modules loaded into memory by the browser, regardless if those modules did not opt in to use ASLR protection (developers can create modules that take advantage of ASLR protection by using the optional /DYNAMICBASE flag).

EMET provides much more than that.
--
Tom
Boycott AT&T uVerse! | Tom's Android Blog | AOKP (The Android Open Kang Project)


trparky
Apple... YUM
Premium,MVM
join:2000-05-24
Cleveland, OH
kudos:2
reply to StuartMW
Maybe, I don't know.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3
reply to trparky
said by trparky:

EMET does indeed work with Windows 8.

That wasn't my point BTW. I thought W8 included some version of EMET out of the box.
--
Don't feed trolls--it only makes them grow!


trparky
Apple... YUM
Premium,MVM
join:2000-05-24
Cleveland, OH
kudos:2
reply to StuartMW
EMET does indeed work with Windows 8. I have it protecting Firefox on my Windows 8 installation.


chachazz
Premium
join:2003-12-14
kudos:9
Reviews:
·TELUS
reply to daveinpoway
said by daveinpoway:

A security researcher has found a way to bypass Microsoft's temporary "fix"n

Info posted by Smokey Bear See Profile (on page 2)
»Re: IE Zero-Day

daveinpoway
Premium
join:2006-07-03
Poway, CA
kudos:3
reply to antdude
A security researcher has found a way to bypass Microsoft's temporary "fix":»www.computerworld.com/s/article/···13-01-07


antdude
A Matrix Ant
Premium,VIP
join:2001-03-25
United State
kudos:5
Reviews:
·Time Warner Cable
reply to StuartMW
said by StuartMW:

said by antdude:

It could be one of those out of the bound (OOTB) releases.

I think you mean Out Of Band

Out Of Bounds is usually sports related

DOH! You're right. Dang sports.
--
Ant @ AQFL.net and AntFarm.ma.cx. Please do not IM/e-mail me for technical support. Use this forum or better, »community.norton.com ! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer.

slajoh01

join:2005-04-23

1 edit
reply to 47717768
And do people or users know if they have been attacked from this exploit? What are the signs and symtoms?

Ok, then let me ask this to everyone.
For those of u here who have always have been a fan of IE or has or is still using IE as their main browser, are u considering to use another browser?

The reason I like IE, because I can lock it down using the Group Policy editor. Firefox does not have this kind of "granular" control.
And thats perhaps one of the reasons why System Admins prefer to use IE at most companies.

Until MS rolls out this fix or patch, I will use FF instead....in the meantime.


47717768
Premium
join:2003-12-08
Birmingham, AL
kudos:2
reply to slajoh01
Exactly. There is no point of upgrading to IE 9 or 10. Thing is a lot of companies have a crazy policy that does not allow to go with any other browser, but freaking IE.

slajoh01

join:2005-04-23
reply to trparky
Why do large corporations still use IE as their main browser instead of using Firefox or Chrome if IE is that bad?

Also, If MS is not rolling out the patch on Tues, then we have two options basically. Use another browser, or upgrade to IE 9 and 10.

I am not upgrading to 9 or 10. They will have security flaws anyway...Im seriously thinking about using FF as my main browser. Im thinking of it very very much.

How about the rest of you? Are u guys willing to move to a different browser after this mess?


trparky
Apple... YUM
Premium,MVM
join:2000-05-24
Cleveland, OH
kudos:2
reply to StuartMW
Then Microsoft is wrong, I have EMET working on Windows 8 just fine.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3

1 edit

1 recommendation

reply to antdude
said by antdude:

It could be one of those out of the bound (OOTB) releases.

I think you mean Out Of Band

Out Of Bounds is usually sports related
--
Don't feed trolls--it only makes them grow!


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3
reply to Smokey Bear
W8 has EMET (under another name?) built-in. Besides W8 comes with IE10 which isn't vulnerable.


Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
kudos:4

1 recommendation

reply to DevilFrank
According to MS, EMET will not work with W8.


DevilFrank

join:2003-07-13
Reviews:
·T-Com
reply to Smokey Bear
said by Smokey Bear:

said by chachazz:
You might want to take a second look at the diary published this week that is using EMET 3.5 as another tool to help defend your Windows systems against various attacks.

[3] »isc.sans.edu/diary.html?storyid=14797
Thanks chachazz See Profile, valuable info in your post. The use of EMET is highly recommendable and SANS explains very well.

But will it work on W8 properly? Can´t find a version for it.
--
Regards from Germany. Please excuse my stumbling English


Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
kudos:4

1 recommendation

reply to chachazz
said by chachazz:
You might want to take a second look at the diary published this week that is using EMET 3.5 as another tool to help defend your Windows systems against various attacks.

[3] »isc.sans.edu/diary.html?storyid=14797
Thanks chachazz See Profile, valuable info in your post. The use of EMET is highly recommendable and SANS explains very well.
--
»bit.ly/gUqYaH - C. Brian Smith: Think of the exclamation point as a car horn: a little goes a long way. Lay on it too hard and everyone’s going to think you’re a moron.

slajoh01

join:2005-04-23
reply to antdude
I dont get it....Why do large corporations still use IE as their main browser instead of using Firefox or Chrome if IE is that bad?


antdude
A Matrix Ant
Premium,VIP
join:2001-03-25
United State
kudos:5
Reviews:
·Time Warner Cable
reply to therube
It could be one of those out of the bound (OOTB) releases.
--
Ant @ AQFL.net and AntFarm.ma.cx. Please do not IM/e-mail me for technical support. Use this forum or better, »community.norton.com ! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer.