altermatt Premium Member join:2004-01-22 White Plains, NY |
Zero-Day fix it issued
Haven't seen this mentioned: Microsoft has also issued a warning about a new zero-day flaw that affects nearly all versions of Windows except for Windows Server 2003. A successful attacker would be able to gain the same rights as the currently logged-in user, and could also download and load new malware on an infected computer. The weakness can be exploited if a user opens a malicious Office file containing an OLE (object linking and embedding) object, and Microsoft says that it has already detected some targeted attacks being conducted through the use of malicious PowerPoint files. For now, Microsoft has released a fix it calls the "OLE packager shim workaround" for both the 32-bit and 64-bit versions of PowerPoint 2007, 2010 and 2013. » www.pcworld.com/article/ ··· fix.html |
|
NOYB St. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR
5 recommendations |
NOYB
Premium Member
2014-Oct-22 2:48 pm
This sort of thing is why I don't use an Admin privileged account.
For regular usage I set up an ordinary account without any elevated permissions.
Admin privileged account is for doing system level administration tasks. And nothing more.
|
|
1 edit |
said by NOYB: This sort of thing is why I don't use an Admin privileged account.
For regular usage I set up an ordinary account without any elevated permissions.
Admin privileged account is for doing system level administration tasks. And nothing more.
Another vote for not running as root (or admin) for daily tasks. Like NOYB I also run as "user" for ordinary/daily tasks. Any unix/linux sysadmin worth his or her salt will tell you "never run as root". |
|
Selenia Gentoo Convert Premium Member join:2006-09-22 Fort Smith, AR |
to NOYB
said by NOYB: This sort of thing is why I don't use an Admin privileged account.
For regular usage I set up an ordinary account without any elevated permissions.
Admin privileged account is for doing system level administration tasks. And nothing more.
Do you realize how many years I've been trying to drum that into people's heads? Even some businesses fail to get it, let alone average users. When I locked it down for them and showed them Run As.... for their installers in the XP days, they found that to be too many steps to run their PC safely, even given the hours and hours of labor I used to charge them for virus removal before I moved on to bigger and better things. Part of this is Microsoft's fault. They knew they were marketing to many lazy people but still set the admin account as default. When the public paid for that choice, they introduced that near useless bandaid known as UAC, that many just turn off and is in no way comparable to true privilege separation. Now UNIX, Linux, Android, Macs, pretty much everything under the sun had you run as a regular user and call super user privileges as needed. Hell, Windows even made app coders lazy by writing to Program Files rather than do it right, for which many such apps had to change their code for UAC in Vista and up. |
|
NOYB St. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
NOYB
Premium Member
2014-Oct-25 11:22 pm
Yeah people thought I was crazy too.
|
|
siljaline I'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC
1 recommendation |
to altermatt
|
|
|
to altermatt
If you don't have Office or PowerPoint you have nothing to worry about?
Thanks, hayduke |
|
Blackbird Built for Speed Premium Member join:2005-01-14 Fort Wayne, IN |
said by hayduke4: If you don't have Office or PowerPoint you have nothing to worry about?
... From MS Security Advisory 3010060:
quote: In an email attack scenario, an attacker could exploit the vulnerability by sending a specially-crafted file to the user. For this attack scenario to be successful, the user must be convinced to open the specially crafted file containing the malicious OLE object. All Microsoft Office file types as well as many other third-party file types could contain a malicious OLE object.
(My emphasis) The problem lies within the OS's OLE functionality, not so much within Office/PowerPoint themselves. |
|
altermatt Premium Member join:2004-01-22 White Plains, NY |
To my chagrin, I now find out this fix-it is not available for Windows 8.1 64 bit! How shortsighted! |
|
siljaline I'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC |
Under affected software: among others - Windows 8.1 for x64-based Systems |
|
|
to Blackbird
said by Blackbird:
said by hayduke4: If you don't have Office or PowerPoint you have nothing to worry about?
... From MS Security Advisory 3010060:
quote: In an email attack scenario, an attacker could exploit the vulnerability by sending a specially-crafted file to the user. For this attack scenario to be successful, the user must be convinced to open the specially crafted file containing the malicious OLE object. All Microsoft Office file types as well as many other third-party file types could contain a malicious OLE object.
(My emphasis) The problem lies within the OS's OLE functionality, not so much within Office/PowerPoint themselves.
I have Windows 7 but because I do not have Office or PowerPoint, the Fix-It patch did not install. |
|
chip89 Premium Member join:2012-07-05 Columbia Station, OH |
to altermatt
Good thing I use Google Docs & Office online. |
|
Blackbird Built for Speed Premium Member join:2005-01-14 Fort Wayne, IN |
to PX Eliezer1
said by PX Eliezer1:
said by Blackbird: ... The problem lies within the OS's OLE functionality, not so much within Office/PowerPoint themselves.
I have Windows 7 but because I do not have Office or PowerPoint, the Fix-It patch did not install.
As with the October, 2014, MS14-060/KB300869 patch (» technet.microsoft.com/li ··· ms14-060), this one impacts the OLE Packager, which is part of the OS. As to whether some other software besides Office/PowerPoint can successfully invoke OLE in a manner which allows such exploits to execute is beyond my knowledge... but it's not something I'd gamble about. At the present quick-and-dirty "fix-it" response level, MS is obviously only dealing with Office/PowerPoint installations of Windows. |
|
|
|
to altermatt
the vulnerability only affects newer versions of "windows".. windows xp is secure.. |
|
EUS Kill cancer Premium Member join:2002-09-10 canada |
to altermatt
Guess that means xp-64 is safe too? |
|
|
to Blackbird
I'm on Windows 7 Home premium and when I try to run the fix it says This Microsoft Fix it does not apply to your operating system or application version.
Thanks, hayduke |
|
|
said by hayduke4: when I try to run the fix it says This Microsoft Fix it does not apply to your operating system or application version
on the webpage, for downloading the "fixit", it says which versions of windows and which versions of "powerpoint" the "fixit" applies to: » support.microsoft.com/kb/3010060
if you don't have "powerpoint" installed, the "fixit" wouldn't apply to your computer.. |
|
|
I missed that. Thanks, hayduke |
|
altermatt Premium Member join:2004-01-22 White Plains, NY |
to siljaline
siljaline, YES. win 8.1 64 bit IS affected, BUT the fix-it says it's not for 8.1 64 bit, so although I'm vulnerable, there's no fix-it; that was my point. I do have PowerPoint and all of Office 2013. |
|
antdude Matrix Ant Premium Member join:2001-03-25 US |
to altermatt
I wonder if this fix will be released tomorrow. |
|
siljaline I'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC |
siljaline
Premium Member
2014-Oct-28 11:54 am
said by antdude: I wonder if this fix will be released tomorrow.
No word on MS releasing something out-of-band, yet. |
|
rfhar The World Sport, Played In Every Country Premium Member join:2001-03-26 Buicktown,Mi |
to altermatt
Thanks, needed it. |
|
antdude Matrix Ant Premium Member join:2001-03-25 US |
to siljaline
said by siljaline:
said by antdude: I wonder if this fix will be released tomorrow.
No word on MS releasing something out-of-band, yet.
And nothing today. Just Firefox v33.0.2. Nothing from Adobe too. :P |
|
siljaline I'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC
1 recommendation |
siljaline
Premium Member
2014-Oct-28 11:31 pm
Adobe could be tomorrow or later in the week |
|