Spyware, Viruses, & Security forum

General discussion

NEWS - October 20, 2006

by Marianna Schmudlach / October 20, 2006 11:06 AM PDT

New Internet Explorer and an old vulnerability

Published: 2006-10-20,
Last Updated: 2006-10-20 02:05:22 UTC by Bojan Zdrnja (Version: 1)

As you probably know by now, Microsoft yesterday released the final version of Internet Explorer 7; if you want to install it on your machine you can download it from http://www.microsoft.com/windows/ie/default.mspx. Microsoft also said that in couple of weeks this will be automatically pushed to all client machines through Windows Update, so if you still haven't tested your mission critical internal web applications with IE7, you better do it now.

Besides news about the final version of IE7, a lot of people are already talking about the first vulnerability for IE7, which was announced yesterday on various security mailing lists. The vulnerability is caused by an error in redirections handling with the "mhtml:" URI handler.

http://www.incidents.org/diary.php?storyid=1797

Discussion is locked
You are posting a reply to: NEWS - October 20, 2006
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - October 20, 2006
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Gromozon Evolution: From Spaghetti to Lasagna
by Marianna Schmudlach / October 20, 2006 11:11 AM PDT

Since we last talked about Trojan.Linkoptimizer (a.k.a. Gromozon) and the Italian Spaghetti saga, there have been some significant developments. What we had originally dubbed "spaghetti threats" now look much more like multi-layered "lasagna threats". Several new features and improvements were integrated into the latest incarnation of this Trojan by the authors, who are probably getting paid well for all of their efforts.

How do users get infected with Linkoptimizer/Gromozon variants? We noticed that the complicated distribution scheme of Trojan.Linkoptimizer (shown in Figure 1) introduced a few significant changes, compared to the original scheme of the previous blog article. Here are the new things that we noticed:

More: http://www.symantec.com/enterprise/security_response/weblog/2006/10/gromozon_reloaded_everything_t.html


New updated Symantec Removal tool:

http://securityresponse.symantec.com/avcenter/FixLinkopt.exe

Collapse -
MS and researchers split hairs over first IE7 flaw
by Marianna Schmudlach / October 20, 2006 11:22 AM PDT

Bun fight over bug report
By John Leyden → More by this author
Published Friday 20th October 2006 11:05 GMT

A dispute has broken out over reports of the first security vulnerability in IE7 since its release earlier this week.

Microsoft claims the vulnerability stems from a flaw in Outlook Express, but security researchers say that since the bug can be exploited via IE7 it is really an IE7 vulnerability.

The dispute kicked off on Thursday after security notification firm Secunia published an alert about an information disclosure bug affecting IE7 hours after the release of Microsoft's long-awaited browser.

http://www.theregister.co.uk/2006/10/20/ie7_flaw_dispute/

Collapse -
McAfee hoping MS will live up to 'hollow' promises
by Marianna Schmudlach / October 20, 2006 11:24 AM PDT

Microsoft unimpressed
By Chris Williams →
Published Friday 20th October 2006 14:43 GMT

The latest in the never-ending ding-**** between Microsoft and Vista-twitchy security vendors was another snipe from McAfee yesterday, swiftly followed by the inevitable backbitching from Redmond today.

McAfee quickly came out to rubbish yesterday's reiterated promises from Redmond that it would hand over code crucial to security developers.

McAfee's Brussels lawyer Christopher Thomas said: "Despite pledges, press conferences, and speeches by Microsoft, the community of independent security companies that consumers rely on for computer protection has seen little indication that Microsoft intends to live up to the promises it made last week.

http://www.theregister.co.uk/2006/10/20/ms_mcafee_rumble/

Collapse -
Sophos: Microsoft Doesn't Need to Open Up PatchGuard
by Marianna Schmudlach / October 20, 2006 11:27 AM PDT

By Scott M. Fulton, III, BetaNews
October 20, 2006, 5:31 PM
In an interview with BetaNews on Friday afternoon, Sophos senior security analyst Ron O'Brien suggested that, even though his company plans to participate with Microsoft's program to build a security services API for Windows Vista SP1 -- and perhaps because of that fact -- Microsoft does not need to create a bypass mechanism for its upcoming PatchGuard kernel lockdown service, as other vendors have recently insisted.

"Two of our largest competitors, McAfee and Symantec - which clearly have anti-virus products that compare to Sophos - have publicly complained that being locked out of the Vista kernel somehow prevents them from being able to innovate," O'Brien noted.


http://www.betanews.com/article/Sophos_Microsoft_Doesnt_Need_to_Open_Up_PatchGuard/1161379239

Collapse -
Microsoft Blocks Vista Rootkit Exploit
by Marianna Schmudlach / October 20, 2006 11:30 AM PDT

By Ryan Naraine
October 20, 2006

Microsoft has blocked the attack vector used to slip unsigned drivers past new security policies being implemented in Windows Vista, according to Joanna Rutkowska, the stealth malware researcher who created the exploit.


Rutkowska, who demonstrated the exploit at the Black Hat conference in August, said she tested the attack against Windows Vista RC2 x64 and found that the exploit doesn't work anymore.

"The reason: Vista RC2 now blocks write-access to raw disk sectors for user mode applications, even if they are executed with elevated administrative rights," Rutkowska wrote on her Invisible Things blog.

http://www.eweek.com/article2/0,1895,2034307,00.asp

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?