CDRInfo Forum CDRInfo Forum

Forums  Register  Login  My Profile  Inbox  Address Book  My Subscription  My Forums 

Photo Gallery  Member List  Search  Calendars  FAQ  Ticket List  Log Out

Microsoft Corp. to release Windows fix Jan. 10 as attack spreads   Logged in as: Guest
Viewers: 841 You can click here to see Today's Posts | Most Active Topics | Posts Since Last Visit
  Printable Version
All Forums >> [News Around The Web] >> Microsoft News >> Microsoft Corp. to release Windows fix Jan. 10 as attack spreads Page: [1]
Login
Message << Older Topic   Newer Topic >>
Microsoft Corp. to release Windows fix Jan. 10 as attac... - 1/4/2006 7:33:03 AM   
WinThusiast


Posts: 1011
Joined: 8/4/2003
From: Ontario - Canada
Status: offline
Microsoft Corp. plans to release a patch for a new security flaw at its next scheduled update release on Jan. 10, leaving users largely unprotected until then from a rapidly spreading computer virus strain.

"Microsoft's delay is inexcusable," said Alan Paller, director of research at computer security group SANS Institute. "There's no excuse other than incompetence and negligence."

"It's a problem that there's no known solution from Microsoft," said Alfred Huger, senior director of engineering at Symantec Corp.'s security response team.

SANS Institute, via its Internet Storm Center, has taken the unusual step of releasing its own patch for the problem until a Microsoft-approved fix is available. "It's not something we like to do," said Paller.

The Internet Storm Center, which tracks viruses and other outbreaks on the web, increased the threat level to "yellow" - a warning that means a significant new threat is developing.

Microsoft said evaluation and testing affect the timing of security patches. "Creating security updates that effectively fix vulnerabilities is an extensive process. There are many factors that impact the length of time between the discovery of a vulnerability and the release of a security update," Microsoft said in a security advisory on its website.

"Quality is the gating factor," said a Microsoft spokeswoman. The company views the issue as "serious," but believes that "the scope of the attacks is not widespread," she added.

The attack is the latest to hit Microsoft, despite redoubled efforts to respond to security threats. With more than 90 per cent of personal computers running Windows, it represents the biggest target for hackers.

The virus began spreading last week, as hackers took advantage of a previously unknown flaw in Windows Meta File code in what is known as a "zero-day attack."

"The flaw is fairly significant in terms of its reach," said Alain Sergile, product manager at Internet Security Systems Inc.'s X-Force threat analysis service.

The bug was found in current server and desktop versions of Windows and is considered serious because it requires relatively minor user interaction to be unleashed. The virus is carried in picture files and can be triggered if an image is viewed in an email or on an infected website. It is also being distributed through Instant Messenger.

Johannes Ullrich, chief research officer at SANS Institute, said there are hundreds of websites that carry the infected images, and he's tracking the possibility that an online ad service is serving up infected image files. He says five per cent to 10 per cent of users appear to be infected, "an order of magnitude more than other attacks."

The virus takes advantage of the way Windows processes Windows Meta Files, or WMF, images. These file types can carry more common .jpg extensions, but still carry the malicious code.

Microsoft recommends users unregister a file called shimgvw.dll. "While this workaround will not correct the underlying vulnerability, it helps block known attack vectors," the software maker says in its security advisory.

Security experts are advising people to turn off preview panes in e-mail programs like Outlook and be very careful about what websites they visit and what e-mails they open.


Source : Canadian Press
Post #: 1
RE: Microsoft Corp. to release Windows fix Jan. 10 as a... - 1/4/2006 8:09:33 AM   
major9686


Posts: 387
Joined: 6/28/2005
From: Holon, Israel
Status: offline
and again ..
I hate microsoft !!!

(in reply to WinThusiast)
Post #: 2
RE: Microsoft Corp. to release Windows fix Jan. 10 as a... - 1/5/2006 3:24:10 PM   
Matthew

 

Posts: 943
Joined: 1/2/2002
From: United Kingdom
Status: offline
http://www.grc.com/sn/notes-020.htm

And note also:
quote:

Microsoft's WMF security patch has LEAKED prematurely onto
the Net!  See "
Breaking News" below for detailed information.

Note: The updated GDI32.DLL file contained in this patch, was built in the evening of December 28th, LAST WEDNESDAY. It is clear that Microsoft jumped on this problem — and had it resolved — almost immediately. But the nature of the installed base of Windows systems, and Microsoft's understandable need to be absolutely certain they don't break anything else with this new replacement GDI32.DLL, requires that they take the time to thoroughly test anything they change.


Also reported there, it appears that, just like many other attacks directed at XP, Win98/SE/ME is relatively immune - from the sound of it, not totally immune, but not actually compromised by the exploit.


The frightening thing about this, is the number of places an exploit image could be launched from, including some that should scare every forum user.

(in reply to major9686)
Post #: 3
RE: Microsoft Corp. to release Windows fix Jan. 10 as a... - 1/5/2006 3:51:13 PM   
major9686


Posts: 387
Joined: 6/28/2005
From: Holon, Israel
Status: offline
quote:

ORIGINAL: Matthew

http://www.grc.com/sn/notes-020.htm

And note also:
quote:

Microsoft's WMF security patch has LEAKED prematurely onto
the Net!  See "
Breaking News" below for detailed information.

Note: The updated GDI32.DLL file contained in this patch, was built in the evening of December 28th, LAST WEDNESDAY. It is clear that Microsoft jumped on this problem — and had it resolved — almost immediately. But the nature of the installed base of Windows systems, and Microsoft's understandable need to be absolutely certain they don't break anything else with this new replacement GDI32.DLL, requires that they take the time to thoroughly test anything they change.


Also reported there, it appears that, just like many other attacks directed at XP, Win98/SE/ME is relatively immune - from the sound of it, not totally immune, but not actually compromised by the exploit.


The frightening thing about this, is the number of places an exploit image could be launched from, including some that should scare every forum user.


Oh oh ..
*goin to hide under the bed and pull the plug on the pc ...*

(in reply to Matthew)
Post #: 4
Page:   [1]
All Forums >> [News Around The Web] >> Microsoft News >> Microsoft Corp. to release Windows fix Jan. 10 as attack spreads Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts




Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI

0.031