IE security glitch?

Help and Discussion

Moderator: The Mod Squad

IE security glitch?

Postby ~PJ~ » Sun Jan 17, 2010 12:05 pm

Does anyone know any more about this alleged loophole thatn's being said on the various news channels? Had one or two people asking me, and I hadn't even heard of it til then...
Image

Let there be respect for the earth,
Peace for its people,
Love in our lives,
Delight in the good,
Forgiveness for past wrongs,
And from now on a new start.
~PJ~
Black Belt 5th Degree
Black Belt 5th Degree
 
Posts: 5791
Joined: Fri Apr 11, 2003 5:59 pm
Location: Leeds, UK

Postby fussnfeathers » Sun Jan 17, 2010 1:43 pm

Actually, old news. Started in 2008, I think. Not sure on that one, though. Anyway, it's an ActiveX problem with DirectShow, and only affects XP and older, and Server 2003 and older. Vista and Windows 7 do not seem to be affected, as far as I've heard so far. IE8 is also not affected. Even if it were, it's the same ballgame........get an email, click on a link, get infected. It's not a drive-by thing, you have to actively get yourself booby-trapped. If this might be an issue, and you have a reason not to upgrade to IE8, just disable the ActiveX control for DirectShow.

http://support.microsoft.com/kb/972890

Not a whole lot there, but give it a lookover. It's been kicking around for awhile, just for some reason the news got ahold of it, and didn't research that they'd already covered this a year and a half ago.
Faster than the speed of snot

Two wrongs don't make it right, but I sleep pretty good at night
fussnfeathers
Mobo-fu Master
Mobo-fu Master
 
Posts: 3147
Joined: Thu Dec 04, 2008 8:25 pm
Location: Right behind you

Postby ~PJ~ » Sun Jan 17, 2010 2:04 pm

Ah. At the moment they're blaming it for Google being attacked by China or something...
Image

Let there be respect for the earth,
Peace for its people,
Love in our lives,
Delight in the good,
Forgiveness for past wrongs,
And from now on a new start.
~PJ~
Black Belt 5th Degree
Black Belt 5th Degree
 
Posts: 5791
Joined: Fri Apr 11, 2003 5:59 pm
Location: Leeds, UK

Postby fussnfeathers » Sun Jan 17, 2010 2:26 pm

Yeah, I saw that one. Not just Google (Gmail, specifically, not the whole network), but 30 other high profile companies as well. Isn't something the average 'net surfer would even see. The servers used to deploy the attack are in the US, and they just traced the connecting IP addresses back to China or one of their proxies. Some news idiot jumped the gun and said malware was deployed by PDF, even though the security scans showed no vunerability in Acrobat.
Faster than the speed of snot

Two wrongs don't make it right, but I sleep pretty good at night
fussnfeathers
Mobo-fu Master
Mobo-fu Master
 
Posts: 3147
Joined: Thu Dec 04, 2008 8:25 pm
Location: Right behind you

Postby evasive » Sun Jan 17, 2010 3:04 pm

No matter what, not surfing with IE right now until they fix it, whatever the hole is. I know code was posted so you can be sure an exploit is out there.
We hate rut, but we fear change.
********************************
System error, strike any user to continue...
evasive
Mobo-fu Master
Mobo-fu Master
 
Posts: 37389
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands

Postby fussnfeathers » Sun Jan 17, 2010 4:04 pm

I'm not overly worried about it. I only click a link from somebody I know, it doesn't appear to affect my OS and browser, just smart surfing. I mountain bike like a maniac, but I also pick my lines carefully too. :wink:
Faster than the speed of snot

Two wrongs don't make it right, but I sleep pretty good at night
fussnfeathers
Mobo-fu Master
Mobo-fu Master
 
Posts: 3147
Joined: Thu Dec 04, 2008 8:25 pm
Location: Right behind you


Return to Virus/Spyware/Security

Who is online

Users browsing this forum: YandexBot [Bot] and 2 guests