Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Microsoft To Patch Windows on January 10th; Attack Spreads
Dow Jones News Service (excerpt) ^ | January 3, 2006 | Chris Reiter

Posted on 01/03/2006 11:42:23 AM PST by HAL9000

Excerpt -

NEW YORK -(Dow Jones)- Microsoft Corp. (MSFT) plans to release a patch for a new security flaw at its next scheduled update release on Jan. 10, leaving users largely unprotected until then from a rapidly spreading computer virus strain.

"Microsoft's delay is inexcusable," said Alan Paller, director of research at computer security group SANS Institute. "There's no excuse other than incompetence and negligence."

"It's a problem that there's no known solution from Microsoft," said Alfred Huger, senior director of engineering at Symantec Corp.'s (SYMC) security response team.

SANS Institute, via its Internet Storm Center, has taken the unusual step of releasing its own patch for the problem until a Microsoft-approved fix is available. "It's not something we like to do," said Paller.

The Internet Storm Center, which tracks viruses and other outbreaks on the Web, increased the threat level to "yellow" - a warning that means a significant new threat is developing.

[snip]


(Excerpt) Read more at nasdaq.com ...


TOPICS: News/Current Events; Technical
KEYWORDS: backdoor; exploit; getamac; internetexploiter; lookoutexpress; lowqualitycrap; malware; microsoft; msn; patch; securityflaw; spamware; spyware; trojan; userfriendly; virus; virusbait; windows; wmf
Navigation: use the links below to view more comments.
first previous 1-2021-4041-53 next last
To: HAL9000

"FreeRepublic is already doing it's part to improve security by running on a Linux server. "

Linux servers won't pass the infected pictures ?


21 posted on 01/03/2006 1:53:18 PM PST by RS (Just because they are out to get him doesn't mean he is not guilty)
[ Post Reply | Private Reply | To 9 | View Replies]

To: HAL9000
My company put an update on the Microsoft SMS server to patch all the company XP based machines inside the firewall. The patch disables the "thumbnails" capability of Windows Explorer and some other applications that automatically show off pictures.

The problem is that the suffix doesn't matter. The Windows Media File nature of the file is embedded in the file header, not discerned via the extension. A snoopy application that decides for itself is going to find those WMF files. It if happens on an exploit, you pay the consequences.

22 posted on 01/03/2006 1:57:28 PM PST by Myrddin
[ Post Reply | Private Reply | To 1 | View Replies]

To: RS
Linux servers won't pass the infected pictures ?

ANY web server can pass the infected files. You will happily pull it right through your firewall via port 80. Once on the disk, your operating system/applications will dictate what happens next. The exploit wasn't targeted at Linux applications/shared libraries...yet. Given all the effort at compatibility to view multi-media files, it is just a matter of time before such an exploit happens. Windows is just a much bigger target.

23 posted on 01/03/2006 2:06:30 PM PST by Myrddin
[ Post Reply | Private Reply | To 21 | View Replies]

To: RS
Look for infected files to show up in SPAM. The spammers love to send images because the anti-spam software can't find keywords to kick them out. Turn off your automatic image viewing in e-mail until the patch is applied.
24 posted on 01/03/2006 2:08:42 PM PST by Myrddin
[ Post Reply | Private Reply | To 21 | View Replies]

To: Myrddin

Ha, does anyone see a parallel here: relying on Microsoft to provide the patch is like
- relying on the police to protect individual citizens
- relying on government to protect the border
??


25 posted on 01/03/2006 2:08:50 PM PST by rudy45
[ Post Reply | Private Reply | To 23 | View Replies]

To: proxy_user
Perhaps we should disable this feature for now?

You can disable showing images on your own PC, and it would govern all pictures on all sites. Open internet explorer, move your mouse pointer to TOOLS, INTERNET OPTIONS. Select the ADVANCED tab. Scroll down to MULTIMEDIA and deselect SHOW PICTURES.

When the threat of this virus has passed, you can reverse the procedure and reselect SHOW PICTURES.

26 posted on 01/03/2006 2:18:20 PM PST by Wolfstar ("We must...all hang together or...we shall all hang separately." Benjamin Franklin)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Ernest_at_the_Beach
I'm running FireFox 1.5 and Eurora mail on my Mac. Do I have to read all of that?
27 posted on 01/03/2006 2:59:42 PM PST by tubebender (You can't make Chicken Soup from Chicken Poop...)
[ Post Reply | Private Reply | To 13 | View Replies]

To: RS
Linux servers won't pass the infected pictures ?

They can - but it's unlikely that most of the images hosted on FR would contain a virus.

One potential problem area could be in FR's Caption This Image section, where anyone could upload an infected image. But I think John R. has coded some restrictions in that feature to prevent embedding of those images in other web pages.

Most images seen on FR are actually hosted on a different server, which may or may not be running Linux.

28 posted on 01/03/2006 3:22:30 PM PST by HAL9000 (Get a Mac - The Ultimate FReeping Machine)
[ Post Reply | Private Reply | To 21 | View Replies]

To: HAL9000

Ilfac Guilfanov, who wrote the patch, is somewhat well known as the author of Interactive Disassembler Pro. According to the f-secure weblog, Guilfanov is "arguably one of the best low-level Windows experts in the world."
He is not making money from his patch, but if it causes problems, his reputation will certainly suffer. Steve Gibson of Gibson Research Center, a long time programmer and all-around old computer pro, has examined Guilfanov's code and even spoke with Guilfanov to help him modify the code for Windows 2000. Gibson is very impressed with the quality of the patch. Programmer/author Tom Liston of SANS says that he has gone through the patch and found that it does only what it is supposed to do.

Obviously Guilfanov's patch is riskier than Microsoft's patch will be, but if Microsoft is really going to wait until the 10th without even releasing even a beta patch...


29 posted on 01/03/2006 3:28:55 PM PST by TChad
[ Post Reply | Private Reply | To 1 | View Replies]

To: TChad
...Obviously Guilfanov's patch is riskier than Microsoft's patch will be...

Hmmmm. I'm not so sure.

30 posted on 01/03/2006 3:36:09 PM PST by Petronski (I love Cyborg!)
[ Post Reply | Private Reply | To 29 | View Replies]

To: rudy45
Ha, does anyone see a parallel here: relying on Microsoft to provide the patch is like

expecting ANY vendor to honor a warranty on a product it has sold. Crispy fries from McDonalds. Fresh ice cream from Dairy Queen. Safe tires from Firestone.


- relying on the police to protect individual citizens
- relying on government to protect the border

Government is full of politicians. They are experienced weasels at avoiding responsibility. The courts have already ruled that police have no duty to protect citizens. The federal government has clearly failed in its responsibility to protect the U.S. border.

31 posted on 01/03/2006 3:47:52 PM PST by Myrddin
[ Post Reply | Private Reply | To 25 | View Replies]

To: TChad

Gibson is a good guy, but his efforts to improve Windows are quixotic.


32 posted on 01/03/2006 3:52:04 PM PST by HAL9000 (Get a Mac - The Ultimate FReeping Machine)
[ Post Reply | Private Reply | To 29 | View Replies]

To: tubebender

No, just don't look at the WMF files....point of posting it was that Microsoft was saying that you are OK as long as you don't use some of the facilities they have provided,,,till they finally get around to fixing the problem.....just trust them.

Lot of words for sure.


33 posted on 01/03/2006 4:04:48 PM PST by Ernest_at_the_Beach (History is soon Forgotten,)
[ Post Reply | Private Reply | To 27 | View Replies]

To: HAL9000
Gibson is a good guy, but his efforts to improve Windows are quixotic.

I'm not sure that Gibson is really "attempting to improve Windows" here, so much as doing what he usually does, saving people from computer disasters. His SpinRite program certainly saved me in the bad old computer days. I probably would have installed the patch on my Windows boxes even without his recommendation, but he made the decision easy.

34 posted on 01/03/2006 4:19:39 PM PST by TChad
[ Post Reply | Private Reply | To 32 | View Replies]

To: Ernest_at_the_Beach

I know. I read it a couple of days ago and got a cramp laughing so hard. I was just joshing you...


35 posted on 01/03/2006 4:20:50 PM PST by tubebender (You can't make Chicken Soup from Chicken Poop...)
[ Post Reply | Private Reply | To 33 | View Replies]

To: Ernest_at_the_Beach
Have you seen this??? Google OS
36 posted on 01/03/2006 4:29:15 PM PST by tubebender (You can't make Chicken Soup from Chicken Poop...)
[ Post Reply | Private Reply | To 33 | View Replies]

To: Al Gator
As of last night, I put on my RED HAT, went ROOT, and tipped my FEDORA and left the windows world far behind.

Welcome to the flock!!

Tux Lives!!!

37 posted on 01/03/2006 4:38:12 PM PST by amigatec (There are no significant bugs in our software... Maybe you're not using it properly.- Bill Gates)
[ Post Reply | Private Reply | To 8 | View Replies]

To: Petronski; TChad

I agree!


38 posted on 01/03/2006 4:48:30 PM PST by Ernest_at_the_Beach (History is soon Forgotten,)
[ Post Reply | Private Reply | To 30 | View Replies]

To: tubebender

Did I describe it accurately....?

What a piece of corporate BS....


39 posted on 01/03/2006 4:51:59 PM PST by Ernest_at_the_Beach (History is soon Forgotten,)
[ Post Reply | Private Reply | To 35 | View Replies]

To: tubebender
Yes, see this also:

Google's timing might be good:

And now, for Google's next trick ... Google PC??....GoogleOS???

40 posted on 01/03/2006 4:53:40 PM PST by Ernest_at_the_Beach (History is soon Forgotten,)
[ Post Reply | Private Reply | To 36 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-53 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson