Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft releases Security Advisory 2963983


26 Apr 2014   #1
Microsoft MVP

64-bit Windows 8.1 Enterprise
 
 
Microsoft releases Security Advisory 2963983

Quote:
Today, we released Security Advisory 2963983 regarding an issue that impacts Internet Explorer. At this time, we are only aware of limited, targeted attacks. This issue allows remote code execution if users visit a malicious website with an affected browser. This would typically occur by an attacker convincing someone to click a link in an email or instant message.

Our initial investigation has revealed that Enhanced Protected Mode, on by default for the modern browsing experience in Internet Explorer 10 and Internet Explorer 11, as well as Enhanced Mitigation Experience Toolkit (EMET) 4.1 and EMET 5.0 Technical Preview, will help protect against this potential risk. We also encourage you to follow the "Protect Your Computer" guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software. Additionally, we encourage everyone to exercise caution when visiting websites and avoid clicking suspicious links, or opening email messages from unfamiliar senders. Additional information can be found at www.microsoft.com/protect.

We are monitoring the threat landscape very closely and will continue to take appropriate action to help protect customers.

Thank you,

Dustin Childs
Group Manager, Response Communications
Trustworthy Computing
Source: Microsoft releases Security Advisory 2963983 - MSRC - Site Home - TechNet Blogs


See also: Enhanced Mitigation Experience Toolkit (EMET)

My System SpecsSystem Spec
.

27 Apr 2014   #2

Microsoft Windows 7 Home Premium 64-bit Service Pack 1
 
 
Microsoft acknowledges "in the wild" Internet Explorer zero-day

Quote:
Microsoft has published a security advisory of the heart-dropping sort.

An "in the wild" exploit has been spotted that can cause RCE, or remote code execution, in Internet Explorer...
Read more at: http://nakedsecurity.sophos.com/2014/04/27/microsoft-acknowledges-in-the-wild-internet-explorer-zero-day

Microsoft TechNet Article: Vulnerability in Internet Explorer Could Allow Remote Code Execution
My System SpecsSystem Spec
27 Apr 2014   #3

Win-7 Home Prem 64-bit 7601 Free SP1
 
 

Another one for people that think Windows defender is a antivirus,
And who have no clue what real time Malware protection is,
Otherwise it's a nonevent,
Specially crafted website Free Free Free everything is Free
My System SpecsSystem Spec
.


27 Apr 2014   #4

Windows 7 Pro-x64
 
 

Quote:
An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
(My Underline) Nothing new about that. MS issues patches for RCE holes every month. If it's serious enough, they'll issue it outside of the monthly update. It occurs only when a fool visits a website to collect his inheritance from some government banker in Botswana or some such.
My System SpecsSystem Spec
28 Apr 2014   #5

W7 X-64 RTM,SUSE 11.1, XP PRO SP3 as a VM, VMware ESXi
 
 

Hi there

YAP YAP ... (Yet Another Panic) again!!!

For Windows 7 install MSE and Windows 8 Windows defender is the built in security system (improved kernel based version of MSE).

OS'es always have security holes -- once they've been found they will be fixed -- it doesn't matter whether it's Ms's Windows defender or any other AV software - there's ALWAYS some holes -- they won't necessarily be the same.

All these people who say Windows Defender (W8) or MSE(Windows 7) is worse than XXXXXX really are just adding to the amount of Green House gases and global warming by feeding yet more Bovine Excretia into the atmosphere.

It's almost 100% impossible to totally secure a NETWORKED system. Most of the exploits fortunately are discovered and fixed quite quickly -- and for this I'd suggest Ms reacts faster than any of the 3rd party people out there.

BUT : Whatever you use - keep it regularly up to date and SURF SAFELY - particularly when downloading as the common practice these days for a lot of download sites is to have so many green arrows etc for downloading toolbars / helpers / other stuff that a normal user will never find the software they REALLY want to download and end up with some sort of AD/CRAP/SPY/TRIAL ware on their systems which no AV product will prevent.

I posted a while ago about BUBBLEDOCK -- even now no AV (free) detects it. !!! You really don't want it on your system !!.

Windows defender (W8) MSE(Windows 7) work perfectly OK on W8./Windows 7 respectively and are usually updated at least every other day. If you are more security paranoid then by all means use something else - but in the last analysis they are all much of a muchness --and POST analysis results are no good -- doesn't matter say what was best on Mar 15 for example -- a whole slew of different problems might be current say on May 15th.

In any case the BEST bet is only using decent web sites, preferably surfing via a VM that doesn't have any of your personal stuff on it.


Cheers
jimbo
My System SpecsSystem Spec
28 Apr 2014   #6

Windows 7 Pro. 64/SP-1
 
 

They will never make a security system that will stop bad things from getting into a system if the owner/operator of the computer doesn't control where they go and what the tick.
Now their is a new bunch of tablet/phone users that just poke and hope.
That should give the bad guys lots of fun and the good guys lots of head aches trying to stop the exploits.

Giving instructions using the Control Panel or Cmd. Prompt ect.
Well that's not going to happen with the Poke and Hope generation.
My System SpecsSystem Spec
28 Apr 2014   #7

Win-7 Home Prem 64-bit 7601 Free SP1
 
 

Just for the record,
I never refer to anything about win-8
All references are for win-7 only,
Cheers.
My System SpecsSystem Spec
28 Apr 2014   #8
bej

Windows 7 Home Premium SP1 64bit
 
 

More fear mongering. Hopefully, says Microsoft, we can scare more people into upgrading to Win 7 or Win 8.
Notice all the qualifiers in EVERY fear tactic. They have no clue how many people have been affected by these
so-called "security threats". In reality, very few, if any.
My System SpecsSystem Spec
Reply

 Microsoft releases Security Advisory 2963983




Thread Tools



Similar help and support threads for2: Microsoft releases Security Advisory 2963983
Thread Forum
Microsoft Releases Security Advisory 2458511 Windows Updates & Activation
Microsoft Security Advisory (2286198) News
Microsoft Security Advisory (980088) System Security
Microsoft Security Advisory (979352) System Security
Microsoft Security Advisory 973882, Microsoft Security News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 11:28 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33