[News] Zero-day Windows bug

View previous topic View next topic Go down

[News] Zero-day Windows bug

Post by DarthTrader on 20/8/2010, 06:27

http://www.computerworld.com/s/article/9180978/Zero_day_Windows_bug_problem_worse_than_first_thought_says_expert

Computerworld - An unpatched problem with Windows applications is much worse than first thought, with hundreds of programs, not just 40, vulnerable to attack, a Slovenian security company said today.

"It was a shocking surprise," said Mitja Kolsek, CEO of Acros Security. "It appears that most every Windows application has this vulnerability."

Yesterday, American researcher HD Moore announced that he had stumbled upon about 40 Windows applications with a common vulnerability, but he declined to name the programs or go into detail about the bug.

Today, Kolsek said that Acros has been digging into a new class of vulnerabilities for months. It has found more than 200 flawed applications harboring more than 500 separate bugs, he added, noting that the company had reported its findings to Microsoft more than four months ago.
[...]

DarthTrader
Member
Member

Posts : 21
Join date : 2010-07-28

View user profile

Back to top Go down

Re: [News] Zero-day Windows bug

Post by ssj100 on 20/8/2010, 06:42

While there are always new exploits being discovered for Windows, this one sounds like an interesting one. However, I still maintain that default-deny anti-execution combined with sandboxing (particularly with Sandboxie) can block/mitigate "100%" of these exploits.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: [News] Zero-day Windows bug

Post by DarthTrader on 20/8/2010, 07:08

Yep. Looks like I'll be using Sandboxie a lot more now! Smile

DarthTrader
Member
Member

Posts : 21
Join date : 2010-07-28

View user profile

Back to top Go down

Re: [News] Zero-day Windows bug

Post by DarthTrader on 25/8/2010, 04:01

Microsoft releases a new patch (or is it a "tool"?) to handle this problem.

Technet blog.

Download here.

DarthTrader
Member
Member

Posts : 21
Join date : 2010-07-28

View user profile

Back to top Go down

Re: [News] Zero-day Windows bug

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum