News: Cexx forums, with volunteers dedicated to helping you remove malware and stay protected
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
April 23, 2014, 16:40:08
Pages: 1 ... 15 16 [17] 18 19 20   Go Down
  Print  
Topic: MS Security Advisories  (Read 116298 times)
0 Members and 1 Guest are viewing this topic.
« Reply #240 on: March 22, 2012, 04:46:15 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

Tool Exploiting MS12-020 Vulnerabilities ...
- http://atlas.arbor.net/briefs/
Severity: Elevated Severity
Published: Wednesday, March 28, 2012 19:20
An easy-to-use denial of service tool for the Microsoft Remote Desktop Protocol vulnerability has been released.
Analysis: While a metasploit module has been available for some time, a new, easy-to-use point and click tool lowers the bar. Organizations that have yet to patch should do so...
Source: http://www.f-secure.com/weblog/archives/00002338.html

Exploit for MS12-020 RDP bug moves to Metasploit
- http://atlas.arbor.net/briefs/index#1373529066
Elevated Severity
March 21, 2012
"A Denial of Service exploit for the Microsoft Remote Desktop security hole is now included in the Metasploit Framework, a popular penetration testing toolkit. This DoS exploit was already in the wild.
Analysis: Hopefully the increased press on this issue has encouraged robust patching and system hardening which will reduce the impact of this issue when a remote code execution exploit does become public. istherdpexploitoutyet.com is a website tracking the progress on this issue and offering links to research information. Be aware that this site does not offer any guarantees, and dangerous fake exploits for this bug have already appeared that will cause harm to those attempting to run them. Organizations that are exploited by this Denial of Service condition will see a "blue screen of death" involving RDPWD.SYS, as seen in the blog: http://community.websense.com/blogs/securitylabs/archive/2012/03/20/ms12-020-working-poc-in-the-wild.aspx
Source: http://threatpost.com/en_us/blogs/exploit-ms12-020-rdp-bug-moves-metasploit-032012 "

 Exclamation
« Last Edit: March 29, 2012, 02:14:25 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #241 on: May 08, 2012, 17:19:45 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

Microsoft Security Advisory (2695962)
Update Rollup for ActiveX Kill Bits
- https://technet.microsoft.com/en-us/security/advisory/2695962
May 08, 2012
> http://support.microsoft.com/kb/2695962

 Exclamation


« Last Edit: May 09, 2012, 04:12:30 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #242 on: June 03, 2012, 19:20:56 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

Microsoft Security Advisory (2718704)
Unauthorized Digital Certificates Could Allow Spoofing
- https://technet.microsoft.com/en-us/security/advisory/2718704
June 03, 2012 - "Microsoft is aware of active attacks using unauthorized digital certificates derived from a Microsoft Certificate Authority. An unauthorized certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported releases of Microsoft Windows. Microsoft is providing an update for all supported releases of Microsoft Windows. The update revokes the trust of the following intermediate CA certificates:
• Microsoft Enforced Licensing Intermediate PCA (2 certificates)
• Microsoft Enforced Licensing Registration Authority CA (SHA1)
Recommendation. For supported releases of Microsoft Windows, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service..."
* http://support.microsoft.com/kb/2718704

- https://blogs.technet.com/b/msrc/archive/2012/06/03/microsoft-releases-security-advisory-2718704.aspx?Redirected=true
3 Jun 2012 - "We recently became aware of a complex piece of targeted malware known as 'Flame' and immediately began examining the issue. As many reports assert, Flame has been used in highly sophisticated and targeted attacks and, as a result, the vast majority of customers are not at risk. Additionally, most antivirus products will detect and remove this malware. That said, our investigation has discovered some techniques used by this malware that could also be leveraged by less sophisticated attackers to launch more widespread attacks..."

- https://blogs.technet.com/b/srd/archive/2012/06/03/microsoft-certification-authority-signing-certificates-added-to-the-untrusted-certificate-store.aspx?Redirected=true
3 Jun 2012 - "... we released Security Advisory 2718704*, notifying customers that unauthorized digital certificates have been found that chain up to a Microsoft sub-certification authority issued under the Microsoft Root Authority... we encourage all customers to apply the officially tested update to add the proper certificates to the Untrusted Certificate Store... Components of the Flame malware were signed with a certificate that chained up to the Microsoft Enforced Licensing Intermediate PCA certificate authority, and ultimately, to the Microsoft Root Authority. This code-signing certificate came by way of the Terminal Server Licensing Service that we operate to issue certificates to customers for ancillary PKI-based functions in their enterprise. Such a certificate could (without this update being applied) also allow attackers to sign code that validates as having been produced by Microsoft.
Conclusion: We recommend that all customers apply this update."

- http://support.microsoft.com/kb/894199
Last Review: June 4, 2012 - Revision: 129.0
___

- http://www.securitytracker.com/id/1027114
Jun 4 2012
... Unauthorized digital certificates derived from these certificate authorities are being actively used in attacks.
Windows Mobile 6.x and Windows Phone 7 and 7.5 are also affected.
Impact: A remote user may be able to spoof code signing signatures.
Solution: The vendor has issued a fix (KB2718704), available via automatic update...

>> https://www.f-secure.com/weblog/archives/00002377.html
June 4, 2012
___

Microsoft Security Advisory (2718704)
- http://atlas.arbor.net/briefs/index#-2141289419
Severity: Extreme Severity
Published: Monday, June 04, 2012 20:39
This security vulnerability is high risk and should be looked at ASAP by security teams.
Analysis: Due to the risks involved, multiple sources suggest that this issue be mitigated as soon as possible. The vulnerability has already been used in the Flame malware, which has been around for a few years. How many other potential adversaries have found and are leveraging the same security hole for their purposes is an open question.
Source: http://technet.microsoft.com/en-us/security/advisory/2718704

Source: https://isc.sans.edu/diary.html?storyid=13366
Last Updated: 2012-06-05 ...(Version: 4)

Source: http://www.wired.com/threatlevel/2012/06/internet-security-fail/
June 1, 2012 Mikko Hypponen, Chief Research Officer - F-Secure

 Exclamation
« Last Edit: June 07, 2012, 10:35:58 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #243 on: June 09, 2012, 02:51:35 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

WSUS and Windows update hardening

- http://blogs.technet.com/b/wsus/archive/2012/06/08/further-hardening-of-wsus-now-available.aspx
8 Jun 2012
- http://blogs.technet.com/b/mu/archive/2012/06/06/update-to-windows-update-wsus-coming-this-week.aspx
June 8, 2012 - Revision: 2.2
- http://blogs.technet.com/b/configmgrteam/archive/2012/06/08/further-hardening-of-wsus-now-available.aspx
8 Jun 2012

... and:

- http://support.microsoft.com/kb/2720211
Last Review: June 8, 2012 - Revision: 2.2
- http://support.microsoft.com/kb/894199
Last Review: June 8, 2012 - Revision: 131.0
___

An update for Windows Server Update Services 3.0 Service Pack 2 is available
- http://support.microsoft.com/kb/2720211
Last Review: June 11, 2012 - Revision: 5.0

 Exclamation Exclamation
« Last Edit: June 11, 2012, 07:23:15 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #244 on: June 12, 2012, 17:42:00 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

Microsoft Security Advisory (2719615)
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution
- https://technet.microsoft.com/en-us/security/advisory/2719615
June 12, 2012
0-day... CVE Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1889 - 9.3 (HIGH)
> http://support.microsoft.com/kb/2719615#FixItForMe

- https://secunia.com/advisories/49456/
Release Date: 2012-06-12
Criticality level: Extremely critical
Impact: System access
Where: From remote
Solution Status: Vendor Workaround
... vulnerability is reportedly being actively exploited.
Solution: Apply Microsoft Fix it solution.
Reported as a 0-day.
Original Advisory: Microsoft:
http://technet.microsoft.com/en-us/security/advisory/2719615

- http://googleonlinesecurity.blogspot.com/2012/06/microsoft-xml-vulnerability-under.html
June 12, 2012 - "... attacks are being distributed both via malicious web pages intended for Internet Explorer users and through Office documents. Users running Windows XP up to and including Windows 7 are known to be vulnerable..."
___

Microsoft Security Advisory (2269637)
Insecure Library Loading Could Allow Remote Code Execution
- https://technet.microsoft.com/en-us/security/advisory/2269637
• V16.0 (June 12, 2012) - "... Updates relating to Insecure Library Loading section: MS12-039..."
___

An automatic updater of revoked certificates is available for Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
- http://support.microsoft.com/kb/2677070
Last Review: June 13, 2012 - Revision: 2.0

> https://blogs.technet.com/b/pki/archive/2012/06/12/announcing-the-automated-updater-of-untrustworthy-certificates-and-keys.aspx?Redirected=true
___

> http://boards.cexx.org/index.php?topic=19131.0

 Exclamation
« Last Edit: June 13, 2012, 08:14:39 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #245 on: June 13, 2012, 18:41:06 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

Further insight into Security Advisory 2719615
- https://blogs.technet.com/b/msrc/archive/2012/06/13/further-insight-into-security-advisory-2719615.aspx?Redirected=true
13 Jun 2012 - "During our regular Update Tuesday bulletin cycle this week, we released Security Advisory 2719615*, which provides guidance concerning a remote code execution issue affecting MSXML Code Services. As part of that Advisory, we've built a Fix it workaround that blocks the potential attack vector in Internet Explorer. Fix its are a labor-saving mechanism that helps protect customers from a specific issue in advance of a comprehensive security update. We encourage customers to read more about SA2716915's one-click, no-reboot-required Fix it in an in-depth post on the SRD blog**."
* http://technet.microsoft.com/en-us/security/advisory/2719615

** http://blogs.technet.com/b/srd/archive/2012/06/13/msxml-fix-it-before-fixing-it.aspx

Microsoft Security Advisory (2718704)
Unauthorized Digital Certificates Could Allow Spoofing
- https://technet.microsoft.com/en-us/security/advisory/2718704
"... update revokes the trust of the following intermediate CA certificates:
    Microsoft Enforced Licensing Intermediate PCA (2 certificates)
    Microsoft Enforced Licensing Registration Authority CA (SHA1) ..."
• V1.1 (June 13, 2012): Advisory revised to notify customers that Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices are not affected by the issue.

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #246 on: June 16, 2012, 09:37:41 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

FixIt NOW - 0-day XML Core Services...
> https://isc.sans.edu/diary.html?storyid=13489
Last Updated: 2012-06-16 15:58:47 UTC - "... metasploit module (public release) for this vulnerability. Users are encouraged to patch*..."

* http://support.microsoft.com/kb/2719615#FixItForMe
June 12, 2012 - Revision: 3.0

> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1889 - 9.3 (HIGH)

- https://secunia.com/advisories/49456/
Last Update: 2012-06-22
Criticality level: Extremely critical
Impact: System access
Where: From remote
Solution Status: Vendor Workaround
... vulnerability is currently being actively exploited...

- http://h-online.com/-1619732
18 June 2012

- https://www.us-cert.gov/current/#microsoft_releases_security_advisory_for5
updated June 25, 2012

- http://nakedsecurity.sophos.com/2012/06/29/zero-day-xml-core-services-vulnerability-included-in-blackhole-exploit-kit/
June 29, 2012- "... CVE-2012-1889 exploiting code very similar to that published to Metasploit was seen within the landing page of a Blackhole exploit kit site..."

 Shocked  Exclamation  Sad
« Last Edit: July 04, 2012, 10:09:11 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #247 on: July 10, 2012, 12:03:52 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

MS Security Advisories - 2012.07.10 ...

Microsoft Security Advisory (2728973)
Unauthorized Digital Certificates Could Allow Spoofing
- https://technet.microsoft.com/en-us/security/advisory/2728973
July 10, 2012

- https://blogs.technet.com/b/msrc/archive/2012/07/10/gadgets-certificate-housekeeping-and-the-july-2012-bulletins.aspx?Redirected=true
July 10, 2012 - "... we’ve chosen to -deprecate- the Windows Gadget Gallery effective immediately, and to provide a Fix it to help sysadmins disable Gadgets and the Sidebar across their enterprises..."
Microsoft Security Advisory (2719662)
Vulnerabilities in Gadgets Could Allow Remote Code Execution
- https://technet.microsoft.com/en-us/security/advisory/2719662
July 10, 2012 - "... Applying the automated Microsoft Fix It* solution described in Microsoft Knowledge Base Article 2719662 disables the Windows Sidebar experience and all Gadget functionality..."
* http://support.microsoft.com/kb/2719662#FixItForMe
Last Review: July 13, 2012 - Revision: 2.0

- https://isc.sans.edu/diary.html?storyid=13651
Last Updated: 2012-07-10 22:10:12 UTC - "... insecure gadgets allow random code to be executed with the rights of the logged on user..."

Microsoft Security Advisory (2719615)
Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution
- https://technet.microsoft.com/en-us/security/advisory/2719615
Published: Tuesday, June 12, 2012 | Updated: Tuesday, July 10, 2012
"... We have issued MS12-043 to address this issue..."
- http://support.microsoft.com/kb/2722479#FixItForMe
July 10, 2012
Fix it solution for MSXML version 5 - Microsoft Fix it 50908
> http://go.microsoft.com/?linkid=9813081

Microsoft Security Advisory (2269637)
Insecure Library Loading Could Allow Remote Code Execution
- https://technet.microsoft.com/en-us/security/advisory/2269637
July 10, 2012 - v17.0: Added the following Microsoft Security Bulletin to the Updates relating to Insecure Library Loading section: MS12-046

> http://boards.cexx.org/index.php?topic=19139.msg83702#msg83702

 Shocked  Exclamation
« Last Edit: July 14, 2012, 08:22:50 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #248 on: July 24, 2012, 16:31:45 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

Microsoft Security Advisory (2737111)
Vulnerabilities in Microsoft Exchange and FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution
- https://technet.microsoft.com/en-us/security/advisory/2737111
July 24, 2012 - "Microsoft is investigating new public reports of vulnerabilities in third-party code, Oracle Outside In libraries, that affect Microsoft Exchange Server 2007, Microsoft Exchange Server 2010, and FAST Search Server 2010 for SharePoint, which ship that component. Customers that apply the workarounds described in this advisory are not exposed to the vulnerabilities described in Oracle Critical Patch Update Advisory - July 2012. The vulnerabilities exist due to the way that files are parsed by the third-party, Oracle Outside In libraries. In the most severe case of Microsoft Exchange Server 2007 and Microsoft Exchange Server 2010, it is possible under certain conditions for the vulnerabilities to allow an attacker to take control of the server process that is parsing a specially crafted file. An attacker could then install programs; view, change, or delete data; or take any other action that the server process has access to do. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers..."
• V1.1 (July 25, 2012): Revised the workaround titles for clarity. There were no changes to the workaround steps.

More info...
- https://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx?Redirected=true
24 Jul 2012

Microsoft Exchange Server...
- https://secunia.com/advisories/50019/
Release Date: 2012-07-25
Criticality level: Highly critical
Impact: DoS, System access
Where: From remote...
... more information: https://secunia.com/advisories/49936/
Solution: ... vendor recommends to apply workarounds... see the vendor's advisory...
Original Advisory: Microsoft: http://technet.microsoft.com/en-us/security/advisory/2737111

Microsoft SharePoint and FAST Search Server vuln...
- https://secunia.com/advisories/50049/
Release Date: 2012-07-25
Criticality level: Moderately critical
Impact: DoS, System access
Where: From remote...
... more information: https://secunia.com/advisories/49936/
Solution: ... vendor recommends to apply workarounds... see the vendor's advisory...
Original Advisory: Microsoft: http://technet.microsoft.com/en-us/security/advisory/2737111
___

- http://www.kb.cert.org/vuls/id/118913
Last revised: 27 Jul 2012

- http://h-online.com/-1653568
26 July 2012

> http://boards.cexx.org/index.php?topic=19142.msg83728#msg83728

.
« Last Edit: July 28, 2012, 07:15:45 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #249 on: August 07, 2012, 05:47:55 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

> https://blogs.technet.com/b/mrsnrub/archive/2012/08/06/support-phases-ending-in-the-next-2-years.aspx?Redirected=true
5 Aug 2012
 
July 13th 2013 (2013-07-13)
Windows Server 2008
- enters extended support
- will receive only security/GDR updates
- extended support end July 10th 2018 (2018-07-10)
- last service pack was SP2
- ref: Microsoft Product Lifecycle Search
___
 
April 8th 2014 (2014-04-08)
Windows XP
- end of support
- no more updates for this product
- includes XP x64 Edition
- last service pack for x86 was SP3
- last service pack for x64 was SP2
- ref: Microsoft Product Lifecycle Search
- ref: End of Support

Office 2003
- end of support
- no more updates for this product
- ref: End of Support

.
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #250 on: August 14, 2012, 14:25:34 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

Microsoft Security Advisory (2737111)
Vulnerabilities in Microsoft Exchange and FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution
- https://technet.microsoft.com/en-us/security/advisory/2737111
• V2.0 (August 14, 2012): Advisory updated to reflect publication of security bulletin for Microsoft Exchange.... MS12-058* addresses this issue for Microsoft Exchange.
* https://technet.microsoft.com/en-us/security/bulletin/ms12-058

Microsoft Security Advisory (2661254)
Update For Minimum Certificate Key Length
- https://technet.microsoft.com/en-us/security/advisory/2661254
August 14, 2012 - Ref:
> http://support.microsoft.com/kb/2661254
... Update for minimum certificate key length
August 14, 2012 - Revision: 1.6

>> http://boards.cexx.org/index.php?topic=19154.0

 Exclamation Exclamation

« Last Edit: August 15, 2012, 18:14:12 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #251 on: August 20, 2012, 14:09:04 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

Microsoft Security Advisory (2743314)
Unencapsulated MS-CHAP v2 Authentication Could Allow Information Disclosure
- https://technet.microsoft.com/en-us/security/advisory/2743314
August 20, 2012 - "Microsoft is aware that detailed exploit code has been published for known weaknesses in the Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2). The MS-CHAP v2 protocol is widely used as an authentication method in Point-to-Point Tunneling Protocol (PPTP)-based VPNs. Microsoft is not currently aware of active attacks that use this exploit code or of customer impact at this time. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary..."
- http://support.microsoft.com/kb/2744850
Last Review: August 20, 2012 - Revision: 1.4

- http://h-online.com/-1672257
22 August 2012
___

Microsoft Security Advisory (2661254)
Update For Minimum Certificate Key Length
- https://blogs.technet.com/b/gladiatormsft/archive/2012/08/15/software-update-to-block-rsa-keylengths-gt-1024-has-been-released-to-the-download-center.aspx?Redirected=true
14 Aug 2012 - "... an update was released that, once applied, will block RSA certificates with keys less than 1024 bits. The software update was released to the Download Center. The security advisory is located at:
http://technet.microsoft.com/security/advisory/2661254 .
The KB article is available at http://support.microsoft.com/kb/2661254 *.
The update is available now to allow organizations to assess the impact of this update and to reissue certificates with larger key sizes, if necessary, before the update is sent out through Windows Update. Previous blogs may have mentioned it being released to Windows Update this month. That is no longer the case. The update is planned to be sent out through Windows Update on October 9, 2012..."
* http://support.microsoft.com/kb/2661254
Last Review: August 21, 2012 - Revision: 2.1

 Exclamation
« Last Edit: August 22, 2012, 06:08:28 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #252 on: September 11, 2012, 14:42:45 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

Microsoft Security Advisory (2736233)
Update Rollup for ActiveX Kill Bits
- https://technet.microsoft.com/en-us/security/advisory/2736233
Sep 11, 2012 - "... This update sets the kill bits for the following third-party software:
 Cisco Secure Desktop... relates to a request by Cisco to set a kill bit for an ActiveX control that is vulnerable...
 Cisco Hostscan... relates to a request by Cisco to set a kill bit for an ActiveX control that is vulnerable...
 Cisco AnyConnect Secure Mobility Client... relates to a request by Cisco to set a kill bit for an ActiveX control that is vulnerable..."
- http://support.microsoft.com/kb/2736233

Microsoft Security Advisory (2661254)
Update For Minimum Certificate Key Length
- https://technet.microsoft.com/en-us/security/advisory/2661254
V1.2 (September 11, 2012): Clarified that applications and services that use RSA keys for cryptography and call into the CertGetCertificateChain function could be impacted by this update. Examples of these applications and services include but are not limited to encrypted email, SSL/TLS encryption channels, signed applications, and private PKI environments.
- http://support.microsoft.com/kb/2661254
Last Review: September 12, 2012 - Revision: 3.0

 Exclamation
« Last Edit: September 13, 2012, 05:36:23 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #253 on: September 17, 2012, 18:37:37 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

Microsoft Security Advisory (2757760)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
* http://technet.microsoft.com/security/advisory/2757760
17 Sep 2012 (see "Workarounds" [install EMET**, etc.] ) - "... To download EMET, visit the following Microsoft website:
https://www.microsoft.com/en-us/download/details.aspx?id=29851 ..."

** http://support.microsoft.com/kb/2458544

- https://blogs.technet.com/b/msrc/archive/2012/09/17/microsoft-releases-security-advisory-2757760.aspx?Redirected=true
17 Sep 2012 - "... we released Security Advisory 2757760* to address an issue that affects Internet Explorer 9 and earlier versions if a user views a website hosting malicious code. Internet Explorer 10 is not affected. We have received reports of only a small number of targeted attacks and are working to develop a security update to address this issue. In the meantime, customers using Internet Explorer are protected when they deploy the following workarounds and mitigations included in the advisory:  
• Deploy the Enhanced Mitigation Experience Toolkit (EMET)
    This will help prevent exploitation by providing mitigations to help protect against this issue and should not affect usability of websites.
• Set Internet and local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones
    This will help prevent exploitation but may affect usability; therefore, trusted sites should be added to the Internet Explorer Trusted Sites zone to minimize disruption.
• Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones
    This will help prevent exploitation but can affect usability, so trusted sites should be added to the Internet Explorer Trusted Sites zone to minimize disruption.
Deploying EMET will help to prevent a malicious website from successfully exploiting the issue described in Security Advisory 2757760*. EMET in action is unobtrusive and should not affect customers’ Web browsing experience. We are monitoring the threat landscape very closely and if the situation changes, we will post updates here on the MSRC blog..."
___

- https://www.net-security.org/secworld.php?id=13614
18 Sep 2012 - "... The Rapid7 team got right on it and created a module exploiting the vulnerability for the Metasploit exploit toolkit during the weekend, and advised IE users to switch to other browsers such as Chrome or Firefox until Microsoft patches the flaw security update becomes available. Microsoft has reacted fast by issuing a security advisory yesterday, in which it confirms the existence of the flaw in Internet explorer 9 and all previous versions (IE10 is not affected), and offers instructions on steps the users can take to mitigate - but not yet remove - the threat:
• Deploy the Enhanced Mitigation Experience Toolkit (EMET) and configure it for Internet Explorer
• Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones
• Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone.
These steps could bring additional problems to the users, such as being bombarded by a slew of security warnings, so until Microsoft releases a definitive patch for the hole, maybe it would be easier for IE users to take Rapid7's advice and switch to another browser for the time being."

 Shocked Sad
« Last Edit: September 18, 2012, 16:56:54 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #254 on: September 18, 2012, 16:57:48 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7978



FYI...

Microsoft Security Advisory (2757760)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
- https://technet.microsoft.com/en-us/security/advisory/2757760
V1.1 (Sep 18, 2012): Assigned Common Vulnerability and Exposure number CVE-2012-4969 to the issue. Also -corrected- instructions in the EMET workaround.

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4969 - 9.3 (HIGH)
"... function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012..."

- https://blogs.technet.com/b/msrc/archive/2012/09/18/additional-information-about-internet-explorer-and-security-advisory-2757760.aspx?Redirected=true
18 Sep 2012 - "We will release a Fix it in the next few days to address an issue in Internet Explorer... It will not affect your ability to browse the Web, and it will provide full protection against this issue until an update is available.  It won’t require a reboot of your computer. This Fix it will be available for everyone to download and install within the next few days..."

 Exclamation
« Last Edit: September 19, 2012, 03:22:05 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
 
Pages: 1 ... 15 16 [17] 18 19 20   Go Up
  Print  
 
Jump to:  

Powered by SMF 1.1.19 | SMF © 2013, Simple Machines Page created in 0.699 seconds with 20 queries.