Elite Computers
 Internet Explorer is Unsafe ... Still (UPDATED)

BigDOGGe
Administrator
USA
566 Posts

Posted - 12/16/2008 : 12:49:28 PM
Internet Explorer is Unsafe ... Still
Browser bug has yet to be fixed, and is spreading rapidly, reports say.

PC World
Tuesday, December 16, 2008; 1:19 PM

A malignant security flaw found in all versions of Microsoft's Internet Explorer browser has yet to be fixed, and the problem is spreading. Microsoft detailed the flaw in a security update blog post six days ago. Since then, the problem has spread across the globe, hitting at least 2 million computers.

Unlike other computer exploits, this one does not require users to click on fishy links or download mysterious software: it plagues computers that simply open an infected Web page.

Internet Explorer is currently used by 69 percent of Web surfers. The flaw hides inside the data binding function of the browser and causes IE to quit unexpectedly and reopen vulnerable to prying eyes.

So far most of the attacks have been geographically centered on China and have been used for the purposes of stealing computer game passwords. But with a flaw as gap-toothed as this, the possibilities of nefarious action could include the massive theft of personal information such as administrative computer passwords and financial data.


Even though there is currently no patch for this problem, Microsoft has offered a variety of workarounds. Most involve disabling or crippling the "oledb32.dll" file. Other methods include setting Internet and local intranet security zones to "high" and configuring Internet Explorer to prompt before running Active Scripting or to disable Active Scripting.

Though it's always wise to keep your antivirus software updated, it may not protect you in this case, as most antivirus software does not monitor Internet traffic. The easiest way to keep your computer safe is to stop using Internet Explorer. And while other browsers aren't entirely devoid of bugs, they are a better alternative in this case.

BigDOGGe
Administrator
USA
566 Posts

Posted - 12/17/2008 : 2:25:18 PM
Microsoft patches critical IE bug with emergency update
Researchers give the company high marks for getting a fix out fast
By Gregg Keizer


December 17, 2008 (Computerworld)

As it promised yesterday, Microsoft Corp. today issued an emergency patch to plug a critical hole in Internet Explorer (IE) that attackers have been increasingly exploiting from hacked Web sites.

The patch, described in Microsoft's security bulletin MS08-078, fixes a flaw in the data-binding function of all available versions of the popular browser, including IE5.01, IE6, IE7 and IE8 Beta 2.

Microsoft labeled the bug as "critical," the most serious threat ranking in its four-step scoring system. Today's update was the second out-of-cycle patch from Microsoft in the past two months.

Researchers unanimously praised Microsoft for putting out the patch as quickly as it did.

"This was clearly an all-hands-on deck effort," said Eric Schultze, chief technology officer at Shavlik Technologies LLC. "The out-of-band process worked exactly as intended in this case."

Andrew Storms, the director of security operations at nCircle Network Security Inc., seconded Schultze. "This was a classic case of what we would like to happen. Microsoft acknowledged the fault, issued work-arounds, gave us advance notice that it would patch and then released the patch," he said.

Wolfgang Kandek, chief technology officer at Qualys Inc., also applauded Microsoft. "Considering the way that Microsoft is set up, I thought this was pretty quick," he said.

Microsoft first acknowledged the vulnerability a week ago today, one day after it unleashed its biggest set of security updates in more than five years. At the time, it said that only the newest production version of the browser, IE7, was at risk, but the company quickly changed its tune when additional research revealed that all versions contained the bug.

According to both Microsoft and numerous security firms, attacks have been mounting, particularly since last weekend, when hackers began hijacking legitimate Web sites and launching exploits against unwary visitors. In fact, Microsoft said it monitored a "huge increase" in attacks last Saturday.

Reports of the vulnerability and publicly-available exploit code first surfaced Dec. 9, although at least one researcher said he had found evidence of attacks starting three days before.

In any case, Microsoft was quick to respond, said researchers. "They're getting better in terms of their speed and agility to respond," said Storms. "Actually, today was very anticlimactic. Probably the biggest part of this was all the build-up."

The analysts agreed that Microsoft didn't act in a vacuum, but pushed the patch process because of the attack situation. "By late last week, Microsoft was aware that this issue was starting to infect users' systems at a faster rate than they've seen with past zero-day exploits," said Schultze in a follow-up e-mail today.

"They fixed this so quickly because [the exploit] became public," added Storms.

The drumbeat of news, and Microsoft's own warnings that attacks were on the rise, prompted some to recommend that IE users abandon the browser for an alternative, such as Mozilla's Firefox, Opera Software's Opera or Google's Chrome.

"That advice just wasn't merited," argued Schultze, "particularly with the patch coming."

Kandek urged people to apply the patch immediately and said that enterprises should be able to deploy the fix without much testing. "You should be able to roll it out with your normal patch process," he said. "I think any fallout should be minor. Fixes for Word, PowerPoint and especially IE, you should be able to [deploy] quickly without much testing necessary."

The patch is available for users of Windows 2000, XP, Vista, Server 2003 and Server 2008 and can be downloaded and installed via the Microsoft Update and Windows Update services, as well as through Windows Server Update Services.

BigDOGGe
Administrator
USA
566 Posts

Posted - 12/17/2008 : 2:38:39 PM
On a related note, for FIREFOX users...(I just updated to version 3 myself, as it seems to be well-debugged by now, and Mozilla is no longer going to support version 2 with security updates anyway...)


Firefox security updates ready for download

by Erica Sadun Dec. 17 2008


Mozilla has just released security updates for its Firefox 2 and Firefox 3 browsers. You can download these free updates for 3.0.5 and 2.0.0.19, which can be run on Windows, Mac, and Linux. The latter represents the final security and stability release for Firefox 2. Mozilla is asking Firefox 2 users to upgrade to Firefox 3. Also disappearing is the Phishing Protection service for Firefox 2. This service, which protects against malware, will continue in Firefox 3.

Both updates look fairly straightforward. The 3.0.5 update fixes both security and stability issues and introduces language support for Bengali, Esperanto, Galician, Hindi and Latvian. It enhances accessibility and updates crash reports to include OS-specific system notes. The Firefox 2 update seems to address security issues and very little else.

The security issues that have been patched with these releases include XSS vulnerabilities, privilege escalation, user tracking through persistent attributes, and the potential disclosure of sensitive information in 302 responses, which provide redirection to outside domains. Of these fixes, four issues were considered critical, and three more either high or moderate importance. According to Mozilla, a critical vulnerability can be used to "run attacker code and install software, requiring no user interaction beyond normal browsing."

You can check for updates directly within Firefox itself by selecting "Check for Updates..." from its Help menu. Release notes for 3.0.5 update and the 2.0.0.19 update are available for reading online.

KC
Head Honcho
USA
3052 Posts

Posted - 12/17/2008 : 3:24:55 PM
Sure, still all kinds of nasty "means of entry holes", but for guys like us that run a couple lawyers of protection to prevent ANYTHING from modifying ANYTHING that could keep it alive are but gnats around the table while we eat our big (Internet) meal all day ;-}


KC's Kruisers - It's all how you look at things
WheelSmoke
Advanced Member
USA
1255 Posts

Posted - 12/18/2008 : 1:52:18 PM
A little off topic but I cannot seem to stop these FSO "gnats" from getting on my nerves or out of my "meal" so it's more of a rant I guess. 8/

Have you noticed how flash player "flash shared objects" act like cookies with super powers that never go away these days. grrr... I must have disabled them (global settings) ten times and they still track my every move.

Check it out: %appdata%\Macromedia\Flash Player







KC
Head Honcho
USA
3052 Posts

Posted - 12/18/2008 : 4:30:00 PM
quote:
Originally posted by WheelSmoke

Have you noticed how flash player "flash shared objects" act like cookies with super powers that never go away
Nope.
Are you talking about a web site asking you to install something so you can view their web page?

A-Squared has been my new best friend when I browse these days.

KC's Kruisers - It's all how you look at things
WheelSmoke
Advanced Member
USA
1255 Posts

Posted - 12/19/2008 : 1:08:41 PM
quote:
Are you talking about a web site asking you to install something so you can view their web page?

No I mean the flash player shared object global storage.
The default allows any web site to put up to 100k on your pc. Including third party and common components.

Here is a link to the Adobe Flash Player Settings Manager Global Storage Settings Panel.

What bothers me is that totally disabling FSO just does not work. And as far as I can tell just about every web site with flash content does put files on your system without permission anyway.

For example below is the tree command one day after deleting all the files/folders on my pc. (kind of long, sorry)







---------------------------------------------------------------
From the command TREE.

C:\Documents and Settings\DansAccount\Application Data\Macromedia>tree /a
Folder PATH listing for volume Danny Disk
Volume serial number is 7FFDA000 3813:C552
C:.
\---Flash Player
+---#SharedObjects
| \---JTDVRE7K
| +---bin.clearspring.com
| +---cdn.visiblemeasures.com
| | \---swf
| | \---as2
| | \---AS2SOHandler.swf
| +---core.videoegg.com
| | +---#com
| | | \---videoegg
| | \---#ve
| +---flash.quantserve.com
| +---googleads.g.doubleclick.net
| | \---pagead
| | \---googleadplayer.swf
| +---interclick.com
| +---lads.myspace.com
| | \---videos
| | +---Main.swf
| | \---vplayer.swf
| +---media.mtvnservices.com
| | +---global
| | | \---apps
| | | \---player
| | | +---flex
| | | | \---Loader.swf
| | | \---gui
| | | \---com
| | | \---mtvnservices
| | | \---media
| | | \---player
| | | \---gui
| | | \---FFMod.swf
| | \---player
| | \---release
| +---netstorage-pub-digitas-cp60804.vindicosuite.com.edgesuite.net
| | \---production
| | \---SmallSyndicationPlayer.swf
| +---resources-p2.imeem.com
| +---s.ytimg.com
| +---slide.com
| +---static.ak.connect.facebook.com
| | \---swf
| | \---XdComm.swf
| +---webfetti.com
| | \---assets
| | \---toys
| | \---F
| | \---0.swf
| +---widget-3f.slide.com
| +---www.gotvidz.com
| +---www.xatech.com
| \---www.youtube.com
\---macromedia.com
\---support
\---flashplayer
\---sys
+---#bin.clearspring.com
+---#cdn.visiblemeasures.com
+---#core.videoegg.com
+---#flash.quantserve.com
+---#googleads.g.doubleclick.net
+---#interclick.com
+---#lads.myspace.com
+---#media.mtvnservices.com
+---#netstorage-pub-digitas-cp60804.vindicosuite.com.edgesuite.net
+---#resources-p2.imeem.com
+---#s.ytimg.com
+---#slide.com
+---#static.ak.connect.facebook.com
+---#webfetti.com
+---#widget-3f.slide.com
+---#www.gotvidz.com
+---#www.xatech.com
\---#www.youtube.com

C:\Documents and Settings\DansAccount\Application Data\Macromedia>
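
An added example, not part of the original post: a small Python audit of the folder layout shown in the listing above. For each domain it reports how many .sol shared-object files are stored, their total size, and whether a per-site settings folder exists under sys. The sample files and their names are constructed; only the folder layout and the domain names come from the listing.

```python
import tempfile
from pathlib import Path


def audit_flash_storage(flash_root):
    """Per-domain summary of Flash local shared object (.sol) storage."""
    root = Path(flash_root)
    report = {}

    def entry(domain):
        return report.setdefault(
            domain, {"files": 0, "bytes": 0, "has_settings": False})

    # Layout seen in the listing: #SharedObjects\<random id>\<domain>\...
    shared = root / "#SharedObjects"
    sandboxes = [p for p in shared.iterdir() if p.is_dir()] if shared.is_dir() else []
    for sandbox in sandboxes:
        for site in (p for p in sandbox.iterdir() if p.is_dir()):
            rec = entry(site.name)
            for sol in site.rglob("*.sol"):
                rec["files"] += 1
                rec["bytes"] += sol.stat().st_size

    # Per-site settings folders: macromedia.com\support\flashplayer\sys\#<domain>
    sys_dir = root / "macromedia.com" / "support" / "flashplayer" / "sys"
    if sys_dir.is_dir():
        for site in sys_dir.iterdir():
            if site.is_dir() and site.name.startswith("#"):
                entry(site.name[1:])["has_settings"] = True
    return report


def build_sample(root):
    """Constructed sample data (not from a real machine) in the listing's layout."""
    so = Path(root) / "#SharedObjects" / "JTDVRE7K"
    sys_dir = Path(root) / "macromedia.com" / "support" / "flashplayer" / "sys"
    sample = {
        so / "www.youtube.com" / "constructed_a.sol": 120,
        so / "googleads.g.doubleclick.net" / "pagead" / "googleadplayer.swf"
           / "constructed_b.sol": 300,
        sys_dir / "#www.youtube.com" / "settings.sol": 40,
        sys_dir / "#interclick.com" / "settings.sol": 40,
    }
    for path, size in sample.items():
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(b"\0" * size)
    (so / "interclick.com").mkdir(exist_ok=True)  # empty folder, as in the listing


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for domain, rec in sorted(audit_flash_storage(tmp).items()):
            print(domain, rec)
```

On a Windows profile, pass the %appdata%\Macromedia\Flash Player path mentioned earlier in the thread to audit_flash_storage.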




WheelSmoke
Advanced Member
USA
1255 Posts

Posted - 12/19/2008 : 1:54:20 PM
oh ya, Did A-Squared block the files and folders like that on your system or are they there? From what I read it's doubtful that it could???


Here is a help page snippet about FSO's.
From: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html

-----------------------------------------

If I've already set privacy and disk space options in my browser, do I need to do it again?

You may be aware that some websites work together with your browser to store small amounts of data, called cookies, on your computer for their own use in the future. For example, when you go to a website regularly, it may welcome you by name; your name is probably stored in a cookie, and you can use browser options to determine whether you want cookies or not. You may also have specified in your browser that pages you visit can take up only a certain amount of disk space.

When SWF or FLV content is being played, the settings you select for Flash Player are used in place of options you may have set in your browser. That is, even if you have specified in your browser settings that you do not want cookies placed on your computer, you may be asked if an application that runs in Flash Player can store information. This happens because the information stored by Flash Player is not the same as a cookie; it is used only by the application, and has no relation to any other Internet privacy or security settings you may have set in your browser.

Similarly, the amount of disk space you let the application use has no relation to the amount of disk space you have allotted for stored pages in your browser. That is, when SWF or FLV content is being played, the amount of disk space you allow here is in addition to any space your browser is using for stored pages.

No matter how you may have configured your browser, you still have the option to allow or deny the application that runs in Flash Player permission to store the information, and to specify how much disk space the stored information can occupy.
---------------------------------------------

I'm halfway sure the malware types with names something like "Anti Spyware 2008" for some reason copy files there. Harmless ones hopefully. IDK...





WheelSmoke
Advanced Member
USA
1255 Posts

Posted - 12/20/2008 : 2:30:32 PM
Sorry about that BigDOGGe I got a little carried away.

Continued Here.




KC
Head Honcho
USA
3052 Posts

Posted - 12/21/2008 : 09:19:52 AM
quote:
Originally posted by WheelSmoke

oh ya, Did A-Squared block the files and folders like that on your system or are they there?
No, but it does keep web sites from opening links to "known" or "suspicious" sites, usually tracking sites.

Be it a web site, cookie, or flash object, if it tries to contact another site A-2 does prevent it.

I put the patch in, no biggie.

I did have to smile when A-2 blocked Microsoft's site from opening a tracking site when I got the patch, and then again when it asked me if I wanted to allow the patch to modify my browser though ;-}


KC's Kruisers - It's all how you look at things
BigDOGGe
Administrator
USA
566 Posts

Posted - 12/21/2008 : 11:24:29 AM
quote:
but for guys like us that run a couple lawyers of protection


Damn. You either meant "layers", or else you are REALLY going all-out to protect your PC...
