Zero-day Windows bug problem worse than first thought.....

JMH

An unpatched problem with Windows applications is much worse than first thought, with hundreds of programs, not just 40, vulnerable to attack, a Slovenian security company said today.

"It was a shocking surprise," said Mitja Kolsek, CEO of Acros Security. "It appears that most every Windows application has this vulnerability."

Yesterday, American researcher HD Moore announced that he had stumbled on about 40 Windows applications with a common vulnerability, but declined to name the programs or go into detail about the bug.

Today, Kolsek said that Acros has been digging into a new class of vulnerabilities for months, has found more than 200 flawed applications harboring more than 500 separate bugs, and reported its findings to Microsoft more than four months ago.

In other words, the problem is much more widespread than Moore let on Wednesday.

"We examined a bunch of applications, more than 220 from about 100 leading software vendors, and found that most every one had the vulnerability," said Kolsek. Acros built a specialized tool to help its researchers pinpoint which applications were vulnerable.

According to Kolsek, the bug is in how most applications load and execute code libraries -- ".dll" files in Windows -- and executables, including ".exe" and ".com" files. He dubbed the class of bugs as "remote binary planting," and said the flaws could be easily exploited.
More -
Zero-day Windows bug problem worse than first thought, says security expert | Security Central - InfoWorld
 

People most likely to be impacted are those who use P2P file-sharing programs. Bold added to pertinent information from the Mitigating Factors in the Security Advisory:

This issue only affects applications that do not load external libraries securely.

For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.
 

Thanks for the heads up Jan.:)
Put like that it sounds a pretty remote chance of getting a problem, Corrine. Think I'll stay close to home until it's fixed though.
 

Microsoft has issued an advisory on this problem with information and workarounds.

Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution

Jim :geek:

Bill Pytlovany to the rescue with a simple workaround for WinPatrol PLUS users!

Twitter / Corrine (MVP): RT @WinPatrol: WinPatrol P ...
RT @WinPatrol: WinPatrol PLUS users add protection from DLL(CWDIllegalInDllSearch) vulnerability BillP Studios - WinPatrol Registry Monitoring Scripts
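
Added example, not part of any post in this thread and not Microsoft's or WinPatrol's code: a simplified Python model of the DLL search order, showing what the CWDIllegalInDllSearch setting mentioned above changes when a document is opened from a share. It assumes an application started from a local folder with SafeDllSearchMode enabled; the setting's values (0, 1, 2, 0xFFFFFFFF) follow Microsoft's documentation for it, and every path and file name is constructed.

```python
from enum import Enum

# Values of CWDIllegalInDllSearch for an application started from a local folder.
DEFAULT, BLOCK_WEBDAV, BLOCK_REMOTE, CWD_REMOVED = 0, 1, 2, 0xFFFFFFFF

class Cwd(Enum):
    LOCAL = "local disk"
    UNC = "UNC share"
    WEBDAV = "WebDAV share"

def cwd_searched(policy, kind):
    """True if the current working directory stays in the DLL search order."""
    if policy == CWD_REMOVED:
        return False
    if policy == BLOCK_REMOTE:
        return kind is Cwd.LOCAL
    if policy == BLOCK_WEBDAV:
        return kind is not Cwd.WEBDAV
    return True  # 0 or value absent: Windows default

def search_order(app_dir, cwd, kind, policy, path_dirs=()):
    """Default order with SafeDllSearchMode on; CWD sits after the system dirs."""
    order = [app_dir, r"C:\Windows\System32", r"C:\Windows\System", r"C:\Windows"]
    if cwd_searched(policy, kind):
        order.append(cwd)
    return order + list(path_dirs)

def resolve(dll, files, app_dir, cwd, kind, policy):
    """Return the first directory hit for a bare-name load, or None."""
    for d in search_order(app_dir, cwd, kind, policy):
        candidate = d.rstrip("\\") + "\\" + dll
        if candidate.lower() in files:
            return candidate
    return None

# Constructed scenario: a document opened from a share makes that share the CWD,
# and the application asks for a DLL by bare name that it does not ship itself.
APP = r"C:\Program Files\ExampleApp"
SHARE = r"\\fileserver.example\docs"
FILES = {(SHARE + r"\optional.dll").lower()}

def loaded_from_share(policy, kind=Cwd.UNC):
    return resolve("optional.dll", FILES, APP, SHARE, kind, policy) is not None

if __name__ == "__main__":
    for p in (DEFAULT, BLOCK_WEBDAV, BLOCK_REMOTE, CWD_REMOVED):
        print(hex(p), {k.value: loaded_from_share(p, k) for k in (Cwd.UNC, Cwd.WEBDAV)})
```

In this model, value 1 still leaves a UNC working directory in the search order; only 2 and 0xFFFFFFFF stop the load from both kinds of remote location.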
 
