Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Critical bug in 40 different Windows apps

25 Aug 2010   #11
Tews

64-bit Windows 8.1 Pro
 
 

Thanks for the update Corrine.. forewarned is forearmed..


My System SpecsSystem Spec
.
25 Aug 2010   #12
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Bill Pytlovany and WinPatrol PLUS to the rescue!

Twitter / Corrine (MVP): RT @WinPatrol: WinPatrol P ...
Quote:
RT @WinPatrol: WinPatrol PLUS users add protection from DLL(CWDIllegalInDllSearch) vulnerability BillP Studios - WinPatrol Registry Monitoring Scripts
My System SpecsSystem Spec
28 Aug 2010   #13
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Although I do not support/condone the use of P2P programs as they are a major source of malware infection, I know many people do use them. If you use uTorrent, please note from ĀµTorrent 2.0.4 released (Page 1) / Announcements / forum.utorrent.com
Quote:
There is a DLL vulnerability in all versions of Windows affecting a great deal of software applications. Subsequently, attack code targeting the μTorrent client surfaced on a third-party website, and while so far no attacks have been reported to us, we have released μTorrent 2.0.4 to fix this vulnerability. The new client disables loading of DLLs from the current working directory and prevents this exploit from functioning. More information about the exploit can be found here: Windows DLL load hijacking exploits go wild | Reuters

We take our user's security very seriously, and we sincerely apologize for any inconvenience.

Release notes
:
My System SpecsSystem Spec
.

28 Aug 2010   #14
Night Hawk

W7 Ultimate x64/W10 Pro x64 dual boot main build-remote pc W10 Pro x64 Insider Preview/W7 Pro x64
 
 

You can find malware tucked away in new things you download as well like trying out some new ulitility that could end up exploiting some of the vulnerabilities. It doesn't always have to be a full install program either but some stand alone tool with a bug wrapped up in a zip file.

File sharing programs(web) even leaves a system open wider for sure!
My System SpecsSystem Spec
31 Aug 2010   #15
Corrine

Windows 7 & Windows Vista Ultimate
 
 
Update on Security Advisory 2269673

As described in the Security, Research & Defense blog (linked below), the following would need to occur in order to be exploited:
Quote:
"this class of vulnerabilities could allow malicious code to run if an attacker can convince a victim to do the following:
  • Browse to a malicious, untrusted WebDAV server in the Internet Zone; and
  • Double-click a file that appears by its extension and icon to be safe"
Microsoft plans to address the Microsoft products affected by this issue, primarily be in the form of security updates or defense-in-depth updates. However, as to third-party products, it is up to those vendors to provide patches for their affected software, which may take some time or, as Jerry Bryant indicated, may not be possible. As a result, the Microsoft Fix it Team has developed a Fix it solution to enable the Microsoft-recommended setting which blocks most network-based vectors.

Microsoft Fix it 50522 Steps:
  1. Download and then install update 2264107, available from the bottom of the page at KB 2264107.
  2. From the same page, click the Fix it button or link under the Enable this fix it heading. Click Run in the File Download dialog box, and then follow the steps in the fix it wizard.

    The Fix it solution will deploy the registry entry that is needed to block nonsecure DLL loads from WebDAV and SMB locations.
Note: The tool is limited to protecting against DLL preloading only and does not protect against .exe files that do not properly load files via a fully qualified path. As stated previously, the software vendors will be required to update those applications accordingly.

My System SpecsSystem Spec
31 Aug 2010   #16
Phone Man

Windows 8.1 Pro w/Media Center 64bit, Windows 7 HP 64bit
 
 

I did the update and the Fix and see if it breaks anything.

Jim
My System SpecsSystem Spec
01 Sep 2010   #17
G1LLY

Windows 7 Ultimate x64 SP1
 
 

I really hope Microsoft patches all those affected applications before Windows 7 SP1 goes final & then bundles the fixes in with SP1 as I really dislike the idea of downloading 40+ application updates if/whenever I want to do a clean install of Windows.

EDIT: Maybe that's too much wishful thinking.
My System SpecsSystem Spec
01 Sep 2010   #18
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Hi, G1LLY. Microsoft cannot fix third-party applications, only affected Microsoft products. It will be up to the individual vendors to update their software. This includes popular software programs such as Adobe, Avast, Keypass, Mozilla, Putty, Opera, Real, Roxio, Skype, etc.
My System SpecsSystem Spec
01 Sep 2010   #19
G1LLY

Windows 7 Ultimate x64 SP1
 
 

Quote   Quote: Originally Posted by Corrine View Post
Hi, G1LLY. Microsoft cannot fix third-party applications, only affected Microsoft products. It will be up to the individual vendors to update their software. This includes popular software programs such as Adobe, Avast, Keypass, Mozilla, Putty, Opera, Real, Roxio, Skype, etc.
Yeah, sorry I did mean only those applications developed by Microsoft
My System SpecsSystem Spec
01 Sep 2010   #20
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Ah, that's ok. I guess you missed this part: Microsoft plans to address the Microsoft products affected by this issue, primarily be in the form of security updates or defense-in-depth updates.
My System SpecsSystem Spec
Reply

 Critical bug in 40 different Windows apps




Thread Tools




Similar help and support threads
Thread Forum
Minimized apps and Running apps not on task bar
Hello All I upgraded from Vista Ultimate 32 to 7 Ultimate 32. The only quirk I cannot solve is that I see no apps on my task bar. ANd when I minimize a window it does not go to the task bar as it should. It look like a small minimized window. See attached...
General Discussion
Windows 8 with critical issue
Hello. I am facing difficulties with my dell studio 1458. It has original windows 7 backup on its recovery partition. After installation of win 8, I was not able to use some application so I decide to go back to my previous win 7. But as I cannot uninstall win 8, I format my HDD except recovery...
General Discussion
32 bit apps cannot connect to network. 64 bit apps can.
I can only connect to the network using 64 bit applications on Window 7 Pro SP1. The problem occured after installing the latest version of iTunes (may or may not be related). I uninstalled iTunes with no change. IE 32 bit crashes after opening. Firefox opens but gives Server Not Found...
Network & Sharing
Windows 7 Non-Critical Updates 6/28/11
Downloaded and installed.
News
Researcher: 40 Windows Apps Affected by Critical Flaw
Details...
News


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 08:44.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App