dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
2602

altermatt
Premium Member
join:2004-01-22
White Plains, NY

altermatt

Premium Member

Zero-Day fix it issued

Haven't seen this mentioned:

Microsoft has also issued a warning about a new zero-day flaw that affects nearly all versions of Windows except for Windows Server 2003. A successful attacker would be able to gain the same rights as the currently logged-in user, and could also download and load new malware on an infected computer.

The weakness can be exploited if a user opens a malicious Office file containing an OLE (object linking and embedding) object, and Microsoft says that it has already detected some targeted attacks being conducted through the use of malicious PowerPoint files.

For now, Microsoft has released a fix it calls the "OLE packager shim workaround" for both the 32-bit and 64-bit versions of PowerPoint 2007, 2010 and 2013.

»www.pcworld.com/article/ ··· fix.html

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

5 recommendations

NOYB

Premium Member


This sort of thing is why I don't use and Admin privileged account.

For regular usage I setup an ordinary account without any elevated permissions.

Admin privileged account is for doing system level administration tasks. And nothing more.
wolfy339
join:2005-04-30
Edmonds, WA

1 edit

wolfy339

Member

said by NOYB:


This sort of thing is why I don't use and Admin privileged account.

For regular usage I setup an ordinary account without any elevated permissions.

Admin privileged account is for doing system level administration tasks. And nothing more.

Another vote for not running as root (or admin) for daily tasks. Like NOYB See Profile I also run as "user" for ordinary/daily tasks. Any unix/linux sysadmin worth his or her salt will tell you "never run as root".

Selenia
Gentoo Convert
Premium Member
join:2006-09-22
Fort Smith, AR

Selenia to NOYB

Premium Member

to NOYB
said by NOYB:


This sort of thing is why I don't use and Admin privileged account.

For regular usage I setup an ordinary account without any elevated permissions.

Admin privileged account is for doing system level administration tasks. And nothing more.

Do you realize how many years I been trying to drum that into peoples' heads? Even some businesses fail to get it, let alone average users. When I locked it down for them and showed them Run As.... for their installers in the XP days, they found that to be too many steps to run their PC safely, even given the hours and hours of labor I used to charge them for virus removal before I moved onto bigger and better things.

Part of this is Microsoft's fault. They knew they were marketing to many lazy people but still set the admin account as default. When the public paid for that choice, they introduced that near useless bandaid known as UAC, that many just turn off and is in no way comparable to true privilege separation.

Now UNiX, Linux, Android, Macs, pretty much everything under the sun had you run as a regular user and call super user privileges as needed. Hell, Windows even made app coders lazy by writing to Program Files rather than do it right, for which many such apps had to change their code for UAC in Vista and up.

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

NOYB

Premium Member


Yeah people thought I was crazy too.

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

1 recommendation

siljaline to altermatt

Premium Member

to altermatt
See note by dp See Profile
»Microsoft Security Advisory Notification Issued: October 21, 2014
hayduke4
join:2014-01-09
United State

hayduke4 to altermatt

Member

to altermatt
If you don't have Office or PowerPoint you have nothing to worry about?

Thanks,
hayduke

Blackbird
Built for Speed
Premium Member
join:2005-01-14
Fort Wayne, IN

Blackbird

Premium Member

said by hayduke4:

If you don't have Office or PowerPoint you have nothing to worry about? ...

From MS Security Advisory 3010060:
quote:
In an email attack scenario, an attacker could exploit the vulnerability by sending a specially-crafted file to the user. For this attack scenario to be successful, the user must be convinced to open the specially crafted file containing the malicious OLE object. All Microsoft Office file types as well as many other third-party file types could contain a malicious OLE object.
(My emphasis) The problem lies within the OS's OLE functionality, not so much within Office/PowerPoint themselves.

altermatt
Premium Member
join:2004-01-22
White Plains, NY

altermatt

Premium Member

To my chagrin, I now find out this fix-it is not available for Windows 8.1 64 bit! How shortsighted!

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

siljaline

Premium Member

Under affected software: among others -
Windows 8.1 for x64-based Systems
PX Eliezer1
Premium Member
join:2013-03-10
Zubrowka USA

PX Eliezer1 to Blackbird

Premium Member

to Blackbird
said by Blackbird:

said by hayduke4:

If you don't have Office or PowerPoint you have nothing to worry about? ...

From MS Security Advisory 3010060:
quote:
In an email attack scenario, an attacker could exploit the vulnerability by sending a specially-crafted file to the user. For this attack scenario to be successful, the user must be convinced to open the specially crafted file containing the malicious OLE object. All Microsoft Office file types as well as many other third-party file types could contain a malicious OLE object.
(My emphasis) The problem lies within the OS's OLE functionality, not so much within Office/PowerPoint themselves.

I have Windows 7 but because I do not have Office or Power Point, the Fix-It patch did not install.

chip89
Premium Member
join:2012-07-05
Columbia Station, OH

chip89 to altermatt

Premium Member

to altermatt
Good thing I use Google Docs & Office online.

Blackbird
Built for Speed
Premium Member
join:2005-01-14
Fort Wayne, IN

Blackbird to PX Eliezer1

Premium Member

to PX Eliezer1
said by PX Eliezer1:

said by Blackbird:

... The problem lies within the OS's OLE functionality, not so much within Office/PowerPoint themselves.

I have Windows 7 but because I do not have Office or Power Point, the Fix-It patch did not install.

As with the October, 2014, MS14-060/KB300869 patch (»technet.microsoft.com/li ··· ms14-060), this one impacts the OLE Packager, which is part of the OS. As to whether some other software besides Office/PowerPoint can successfully invoke OLE in a manner which allows such exploits to execute is beyond my knowledge... but it's not something I'd gamble about. At the present quick-and-dirty "fix-it" response level, MS is obviously only dealing with Office/PowerPoint installations of Windows.
redwolfe_98
Premium Member
join:2001-06-11

redwolfe_98 to altermatt

Premium Member

to altermatt
the vulnerability only affects newer versions of "windows".. windows xp is secure..

EUS
Kill cancer
Premium Member
join:2002-09-10
canada

EUS to altermatt

Premium Member

to altermatt
Guess that means xp-64 is safe too?
hayduke4
join:2014-01-09
United State

hayduke4 to Blackbird

Member

to Blackbird
I'm on Windows 7 Home premium and when I try to run the fix it says This Microsoft Fix it does not apply to your operating system or application version.

Thanks,
hayduke
redwolfe_98
Premium Member
join:2001-06-11

redwolfe_98

Premium Member

said by hayduke4:

when I try to run the fix it says This Microsoft Fix it does not apply to your operating system or application version

on the webpage, for downloading the "fixit", it says which versions of windows and which versions of "powerpoint" the "fixit" applies to:

»support.microsoft.com/kb/3010060

if you don't have "powerpoint" installed, the "fixit" wouldn't apply to your computer..
hayduke4
join:2014-01-09
United State

hayduke4

Member

I missed that.
Thanks,
hayduke

altermatt
Premium Member
join:2004-01-22
White Plains, NY

altermatt to siljaline

Premium Member

to siljaline
siljaline, YES. win 8.1 64 bit IS affected, BUT the fix-it says it's not for 8.l1 64 bit, so although I'm vulnerable, there's no fix-it; that was my point. I do have Powerpoint and all of Office 2013.

antdude
Matrix Ant
Premium Member
join:2001-03-25
US

antdude to altermatt

Premium Member

to altermatt
I wonder if this fix will be released tomorrow.

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

siljaline

Premium Member

said by antdude:

I wonder if this fix will be released tomorrow.

No word on MS releasing something out-of-band, yet.

rfhar
The World Sport, Played In Every Country
Premium Member
join:2001-03-26
Buicktown,Mi

rfhar to altermatt

Premium Member

to altermatt
Thanks, needed it.

antdude
Matrix Ant
Premium Member
join:2001-03-25
US

antdude to siljaline

Premium Member

to siljaline
said by siljaline:

said by antdude:

I wonder if this fix will be released tomorrow.

No word on MS releasing something out-of-band, yet.

And nothing today. Just Firefox v33.0.2. Nothing from Adobe too. :P

siljaline
I'm lovin' that double wide
Premium Member
join:2002-10-12
Montreal, QC

1 recommendation

siljaline

Premium Member

Adobe could be tomorrow or later in the week