Carver Country

Sunday, January 01, 2006

grasshopper hates (security) bugs (in Windows), episode 1

Bah humbug. You hate other bugs, specifically computer security holes in MS Windows, so prone to malicious exploitation. You still work mostly in the Win32/x86-64 environment, and use IE to surf the web. You neither find fault with Windows' GUI, nor get drawn into heated discussions about M$'s monopoly and its consequences. You do, however, go crazy over Windows' numerous, exploited security vulnerabilities.

The latest is a 'zero-day' exploit that targets a vulnerability in Windows MetaFiles (WMF), when handled by applications such as Windows Explorer, IE, Windows Picture and Fax Viewer, Windows Paint, and Google Desktop. Over 70 variants of the exploit have emerged, and are spreading via webpages, email, and IM, while an official fix has yet to be produced. Larry Seltzer calls this a WMF (Windows Major Foul-Up); Steven J. Vaughan-Nichols takes the opportunity -- and rightly so, in this case -- to advocate Linux. You know this danger is real, because your system was attacked while loading a streaming webcast of Liverpool versus West Brom via IE. Fortunately you had preemptively installed Avast! -- in place of an eTrust-based scanner, because not all antivirus programs are able to detect all variants of the exploit -- and it prevented the infection.

Two effective workarounds have now been released by non-MS researchers, though both are temporary in the sense that Microsoft is responsible for the official, hopefully permanent fix. The most effective is Ilfak Guilfanov's patch. See Steve Gibson's Security Now! episode #20 notes for download information and more links to articles detailing this WMF vulnerability. F-Secure's and Sunbelt's blogs track the latest developments.

Let us all practice more secure computing during this new year. Now is a really good time to read up on GNU Linux, install one's choice of distro, and learn to be productive in it. Best wishes.


4 Comments:

  • >your system was attacked while loading a streaming webcast of Liverpool versus West Brom via IE

    Hey, I'm interested in this. Where do you get a streaming webcast of a football (soccer?) game? Is it live? Free or paid service?

    By Blogger professor, at Mon Jan 02, 04:35:00 PM GMT+8  

  • prof, I will reply to your query via email. I did not post this entry to discuss football or streaming webcasts; rather, I wanted to provide an example of how an infection can occur.

    Apply the patch!

    By Blogger BlackRX, at Mon Jan 02, 04:49:00 PM GMT+8  

  • A totally irrelevant (irreverent?) comment... perhaps after experiencing blogging, now you can understand why people blog? So as to get in touch with long-lost friends.

    Oops, I did it again!

    By Blogger professor, at Tue Jan 10, 01:13:00 AM GMT+8  

  • Yes, I am beginning to understand, quite happily in fact.

    By Blogger BlackRX, at Wed Jan 11, 12:54:00 AM GMT+8  
