dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
783
share rss forum feed

BlitzenZeus
Burnt Out Cynic
Premium
join:2000-01-13
kudos:3

1 recommendation

That time of year is here again

»twitter.com/search/%23pwn2own?_e···3pwn2own

"VUPEN Security @VUPEN

We've pwned MS Surface Pro with two IE10 zero-days to achieve a full Windows 8 compromise with sandbox bypass #Pwn2own"

This is among other vendors. Being so close to patch tuesday I can only hope certain vendors can patch them correctly, and soon. Putting them off to the next patch tuesday likely will not be acceptable.
--
I distrust those people who know so well what god wants them to do because I notice it always coincides with their own desires- Susan B. Anthony
Yesterday we obeyed kings, and bent our necks before emperors. But today we kneel only to the truth- Kahlil G.

BlitzenZeus
Burnt Out Cynic
Premium
join:2000-01-13
kudos:3
Update to Firefox 3/7 version 19.0.2
»www.mozilla.org/en-US/firefox/19···senotes/


chachazz
Premium
join:2003-12-14
kudos:9
reply to BlitzenZeus

BlitzenZeus
Burnt Out Cynic
Premium
join:2000-01-13
kudos:3
reply to BlitzenZeus
Google Chrome has been updated.

I'm so glad I have plugins on click to play, and those still using IE... Well good luck on getting any patches this tuesday.


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
reply to BlitzenZeus
Since IE 10 was pawned, I suspect we may see some out of band other than March Patches

BlitzenZeus
Burnt Out Cynic
Premium
join:2000-01-13
kudos:3
Click for full size
Without knowing the source, apparently Avast is reporting there is an update for IE 10, however it's not available on Windows Update at this time.


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
said by BlitzenZeus:

Without knowing the source, apparently Avast is reporting there is an update for IE 10, however it's not available on Windows Update at this time.

I have the same "NEW" reported version Avast is talking about. Not familiar with the "LOCAL" version Avast is reporting.
--
Remember that cool hidden "Graffiti Wall" here on BBR? After the name change I became the "owner", so to speak as it became: Dustyn's Wall »[Serious] RIP

BlitzenZeus
Burnt Out Cynic
Premium
join:2000-01-13
kudos:3
So Microsoft is bad at syncing updates for IE for those who choose to disable that to make sure it doesn't cause problems as I do not like to reboot often, and updating IE usually requires a reboot. I cannot find a manual download for this at this time also. KB2718695 has been used more than once with previous versions, and doesn't offer the download.
--
I distrust those people who know so well what god wants them to do because I notice it always coincides with their own desires- Susan B. Anthony
Yesterday we obeyed kings, and bent our necks before emperors. But today we kneel only to the truth- Kahlil G.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3
reply to Dustyn
said by Dustyn:

I have the same "NEW" reported version Avast is talking about.

I don't think that's new. My IE10, installed but not used or updated since,

»IE reborn: Internet Explorer 10 arrives on Windows 7

has exactly the same dialog. Why do you think it's "new"?
--
Don't feed trolls--it only makes them grow!


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
reply to Dustyn
That version KB2718695 in my screenshot is the version I obtained from their download site below when Microsoft first released IE10 for consumer release a week or so ago.
»windows.microsoft.com/en-CA/inte···anguages
I do have auto updates enabled from within the browser, however, there have been no future updates to IE10 since that version release.
--
Remember that cool hidden "Graffiti Wall" here on BBR? After the name change I became the "owner", so to speak as it became: Dustyn's Wall »[Serious] RIP


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
reply to StuartMW
said by StuartMW:

said by Dustyn:

I have the same "NEW" reported version Avast is talking about.

I don't think that's new. My IE10, installed but not used or updated since,

»IE reborn: Internet Explorer 10 arrives on Windows 7

has exactly the same dialog. Why do you think it's "new"?

Oh, I don't think it's "NEW"... I'm just stating that I have the same reported "NEW" version Avast is claiming.
--
Remember that cool hidden "Graffiti Wall" here on BBR? After the name change I became the "owner", so to speak as it became: Dustyn's Wall »[Serious] RIP


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3
said by Dustyn:

I don't think it's "NEW"... I'm just stating that I have the same reported "NEW" version Avast is claiming.

Ahhhh. Well I use FF and that has been patched, to 19.0.2, already

BTW are you running IE10 under EMET? I am (not that I use it anyway).
--
Don't feed trolls--it only makes them grow!

BlitzenZeus
Burnt Out Cynic
Premium
join:2000-01-13
kudos:3

1 recommendation

reply to Dustyn
Well that system I pulled the information from was a Win 8 system.


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
Ah, that explains the version differences.


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
reply to StuartMW
said by StuartMW :

BTW are you running IE10 under EMET? I am (not that I use it anyway).

Yes.
My entire system has it on.

»/r0/download/2···tled.gif

BlitzenZeus
Burnt Out Cynic
Premium
join:2000-01-13
kudos:3
reply to Dustyn
Maybe, either way I don't use IE as my preferred browser. I even changed the built-in flash in IE to be click to play by removing the * in it's properties which makes it play on all sites by default as on previous operating systems I wouldn't install flash for IE at all.
--
I distrust those people who know so well what god wants them to do because I notice it always coincides with their own desires- Susan B. Anthony
Yesterday we obeyed kings, and bent our necks before emperors. But today we kneel only to the truth- Kahlil G.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3

1 recommendation

reply to Dustyn
Not sure if that helps against the exploit but it can't hurt. I run FF under EMET
--
Don't feed trolls--it only makes them grow!


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
reply to Dustyn
There might be out-of-band for IE post • »CanSecWest 2013/Pwn2Own 2013 - Mar 6-7-8