Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43435
  • Total Topics: 16529
  • Online today: 3056
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 3
Guests: 2979
Total: 2982









Author Topic: One-click Fix-It tool for latest 0day Attack on XP (download)  (Read 3739 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Microsoft has offered a workaround to Windows XP users affected after a flaw in the operating system was exploited: http://scforum.info/index.php/topic,4314.0.html

Since Google engineer Tavis Ormandy released details of the zero-day flaw last month, cyber criminals have dramatically ramped up online attacks that target the bug. Microsoft revealed it has now logged more than 10,000 attacks.

"At first, we only saw legitimate researchers testing innocuous proof-of-concepts. Then, early on June 15, the first real public exploits emerged," Microsoft said in a blog posting: http://blogs.technet.com/b/mmpc/archive/2010/06/30/attacks-on-the-windows-help-and-support-center-vulnerability-cve-2010-1885.aspx

The flaw lies in the Windows Help and Support Center software that comes with Windows XP.

Ormandy was criticized by some in the security community for not giving Microsoft more time to patch the flaw, which he disclosed to the software vendor on June 5. He released details of the bug five days later, apparently after failing to convince Microsoft to fix the issue within 60 days.

Microsoft said in an advisory it is investigating the issue, and it may issue an out-of-schedule patch for the problem: http://www.microsoft.com/technet/security/advisory/2219475.mspx

"Microsoft is also aware of limited, targeted active attacks that use this exploit code. Based on the samples analyzed, Windows Server 2003 systems are not currently at risk from these attacks. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary," the advisor says.

However, until then, it is advising those with affected PCs to use a one-click Fix-It tool to disable the Help Centre Protocols: http://support.microsoft.com/kb/2219475

Alternatively, Windows XP users can disable HCP manually. Click the Start menu, followed by Run. Type regedit and press ok. Highlight the HCP key after expanding the HKEY_CLASSES_ROOT folder. Then right click on the HCP key and select Delete.

(PCW)

Samker's Computer Forum - SCforum.info


paf

  • SCF Newbie
  • *
  • Posts: 5
  • KARMA: 3
Re: One-click Fix-It tool for latest 0day Attack on XP (download)
« Reply #1 on: 03. July 2010., 21:40:51 »
Hi Samker, thanks a lot for the information. I'm still usin XP on one of my computers, so this is really useful. Cheers.

amko_sa

  • SCF VIP Member
  • *****
  • Posts: 88
  • KARMA: 15
  • Gender: Male
    • Newsapp IT support Portal
Re: One-click Fix-It tool for latest 0day Attack on XP (download)
« Reply #2 on: 04. July 2010., 16:14:50 »
Thanks Samker for useful news.

Samker's Computer Forum - SCforum.info

Re: One-click Fix-It tool for latest 0day Attack on XP (download)
« Reply #2 on: 04. July 2010., 16:14:50 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023