dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1740
share rss forum feed


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico

1 recommendation

Microsoft Security Advisory (2847140)

Vulnerability in Internet Explorer Could Allow Remote Code Execution
»technet.microsoft.com/en-us/secu···/2847140
»blogs.technet.com/b/msrc/archive···140.aspx

andyross
Premium,MVM
join:2003-05-04
Schaumburg, IL
Just to note it only appears to be IE8 and was probably a watering hole attack against some defense contractors.

»arstechnica.com/security/2013/05···archers/


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
From the executive summary:
quote:
Microsoft is investigating public reports of a vulnerability in Internet Explorer 8.
quote:
Internet Explorer 6, Internet Explorer 7, Internet Explorer 9, and Internet Explorer 10 are not affected by the vulnerability.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2
reply to siljaline
I wonder if running EMET defeats any possible exploit of this (I have lot's of software running under EMET).

Nothing on WU yet for this but Patch Tues is only a few days away (can't wait ).
--
Don't feed trolls--it only makes them grow!


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
said by StuartMW:

I wonder if running EMET defeats any possible exploit of this (I have lot's of software running under EMET).

It does!
Check suggested actions -> workarounds.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2
You've tried it (the exploit)?


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
said by StuartMW:

You've tried it (the exploit)?

Sorry. No, I haven't tried this exploit with EMET. Only that Microsoft recommends using EMET to help prevent the exploit on IE8.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

1 recommendation

Ohhh. I missed that recommendation.

Everyone should be using EMET
--
Don't feed trolls--it only makes them grow!


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
reply to Dustyn
I'd prolly sooner upgrade my Browser but that's just me.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2
Well you can't right now EMET will keep you safe until the patch is out.
--
Don't feed trolls--it only makes them grow!


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
said by StuartMW:

Well you can't right now

Oh - really ?
quote:
Internet Explorer 9 and 10 are not affected by this issue, so upgrading to these versions will help protect you from this issue.
For those upgrading you would want to deselect the every-so annoying BING and MSN defaults.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2
And if you're on WinXP and can't go beyond IE8?
--
Don't feed trolls--it only makes them grow!


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
reply to StuartMW
said by StuartMW:

Ohhh. I missed that recommendation.

Everyone should be using EMET

No worries!
I agree! I had only a few applications that I had to customize EMET for. The default configuration would either cause the apps to crash or simply not run. 95% of the time I completely forget that it's running.
--
Remember that cool hidden "Graffiti Wall" here on BBR? After the name change I became the "owner", so to speak as it became: Dustyn's Wall »[Serious] RIP


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
reply to StuartMW
- double posting -


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
reply to siljaline
Slowly trying to wean my parents off of Internet Explorer 8 in favor of Opera. They are finally beginning to use it, but prefer IE8. I'll try some other browsers like Firefox, and Chrome on XP shortly as Opera tends to eat up a lot of memory after long browsing sessions. It almost appears slower than IE8 which seems odd.
--
Remember that cool hidden "Graffiti Wall" here on BBR? After the name change I became the "owner", so to speak as it became: Dustyn's Wall »[Serious] RIP


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

1 recommendation

reply to siljaline
said by siljaline:

A Year From Now Support for Windows XP Ends - Now What?

*yawn*

. o O (Whatever)
--
Don't feed trolls--it only makes them grow!


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
reply to Dustyn
If I had to use an alternate Browser when IE could not be used I would lean toward Mozilla Firefox.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2
FF is my primary browser. It runs under EMET though.

I've had a few apps crash, when starting, under EMET but nothing consistent. It consumes next to no resources, barely needs configuring, and is free yet I know of only a handful of people that use it. Oh well...
--
Don't feed trolls--it only makes them grow!


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
But the thread isn't about Moz, is it ? Seriously... (•)

Libra
Premium
join:2003-08-06
USA
kudos:1
Reviews:
·Verizon FiOS
Thank you for bringing this to our attention.

If I install EMET on a computer with 1-3 standard users, does it have to be configured for each user, or will configuring it in the admin account cover all users? If it has to be configured in standard accounts individually, does it have to be done "run as admin" or can the standard user configure it?

Thank you.

Sincerely, Libra


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
You're most welcome, Libra See Profile
I don't know too much about EMET other than what is detailed below:
»support.microsoft.com/kb/2458544/en-us

Regards,

--
Canadians reserve the Right to - Arm Bears

»my.barackobama.com/page/s/call-o···s-to-act


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

2 edits
reply to Libra
said by Libra:

If I install EMET on a computer with 1-3 standard users, does it have to be configured for each user, or will configuring it in the admin account cover all users?

Pretty sure configuring under Admin covers all users. I know EMET is running on one non-Admin account on one of my machines.

PS: Just checked and EMET uses the same settings for all user accounts.
(They're kept in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EMET)
--
Don't feed trolls--it only makes them grow!


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico

1 edit
reply to siljaline
quote:
Microsoft "Fix it" available to mitigate Internet Explorer 8 vulnerability
»blogs.technet.com/b/srd/archive/···ity.aspx

"My Bad" - this was sitting in my inbox as of late this afternoon.
Also See: Microsoft Security Advisory: Vulnerability in Internet Explorer could allow remote code execution: May 8, 2013
»support.microsoft.com/kb/2847140

Libra
Premium
join:2003-08-06
USA
kudos:1
Thank you for the Fixit. I applied it to one computer so far.

StuartMW, Thank you for checking that the EMET applies to all users. I didn't use it since there is now a fixit, but it's good to know for the future.

Sincerely, Libra


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
You're welcome, Libra See Profile


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2
reply to Libra
said by Libra:

I didn't use it since there is now a fixit...

The whole point of EMET is to catch some common exploit techniques that an A/V might miss (e.g. 0-Day).

. o O (One day someone will explain the common aversion to EMET. I really don't get it)
--
Don't feed trolls--it only makes them grow!


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17

1 edit
EMET Official release delayed two weeks to May 28, 2013
»blogs.technet.com/b/srd/archive/···ure.aspx


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2
Yep.

»Re: MS Security Bulletin Advance Notification - May 9, 2013
--
Don't feed trolls--it only makes them grow!


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Thanks M:8