 |
|
 |
| Sunday, September 05, 2010
|
| Register Login |
 |
|
|
|
|
Users currently online
|
 |
|
|
|
 |
Membership: |
 |
Latest:
SullyC |
 |
New Today:
0 |
 |
New Yesterday:
0 |
 |
Overall:
53 |
 |
People Online: |
 |
Visitors:
1 |
 |
Members:
0 |
 |
Total:
1 |
Online Now:
|
|
|
|
|
|
|
|
|
|
Welcome to the Viruswarning forums. All your original content has been ported to the new forums as well as new content and additional opportunities to interact with the authors of Viruswarn.com. You can always access old content at www.leedrake.com/forum . You may find some formatting was lost in the conversion and the older versions of the posts to be more readable....
But at least it's all here.
Enjoy!
|
|
|
|
|
|
Viruswarn Forums
|
|
|
|
|
| You are not authorized to post a reply.
|
|
| Author |
Messages |
|
David Gray
Posts:22
 |
| 11/09/2005 3:29 AM |
|
What Is It?
There are two updates today that affect most subscribers to this mailing list.
- Today is Patch Tuesday, the day each month when Microsoft publishes its regular (non emergency) security bulletins. Today's announcement contains one bulletin, Microsoft Security Bulletin MS05-053, "Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)." Although there is only one patch this month, it is significant, as it covers unchecked buffers in a Windows component that renders Windows Metafile graphics. According to Microsoft, the unchecked buffer can be used to run code of the attacker's choice on your machine, render your machine unresponsive, or take complete control of it. Fortunately for all of us, the affected WMF and EMF formats are not standard Web formats, which means that the most likely attack vector is an office document distributed by email.
- Version 7 of the Macromedia Flash Player has an unchecked buffer that could have the same effect as does the issue addressed in the Microsoft patch today. The current version is 8.0.22.0; however, media players are easily overlooked, and often fall behind until you try to view a file that requires a newer viewer.
What Should I Do?
I shall address each issue separately.
Windows Metafile Rendering Engine
The required action depends on how your machine is configured.
- If Automatic Update is enabled and set to download and install updates, be on the lookout for a prompt to install updates and restart, probably the next time you restart your computer.
- If Automatic Update is enabled and configured to alert you to new updates, be on the lookout for the alert, accept the update, and allow it to install.
- If Automatic Update is disabled or unavailable on your version of Windows (Windows 2000, NT), visit http://update.microsoft.com or review the security bulletin listed below in the References section for download instructions.
Macromedia Flash Player
The affected version is 7, which has been superseded by version 8, which is unaffected.
- If you have been keeping up to date, and you know that you have at least version 8 installed, there is nothing to do.
- If you are unsure what version you have and your Web browser is Internet Explorer, open the Manage Add-ins dialog from the Tools menu, highlight the Shockwave Flash Object, and click the Update ActiveX button, which will appear just above the OK button when you highlight that item.
- The Netscape browser, unfortunately, has no convenient way to discover the installed version of a plug-in. Please see the next section.
- Mozilla Firefox, not surprisingly (since it is based on the same code base as Netscape), likewise has no way to discover your player version. Please see the next section.
Since none of the three browsers provides a way to confirm plug-in versions, and only Internet Explorer provides a way to update the Flash plug-in, I created a small program to do the job. You can download the program from http://www.p6c.com/viruswarn/WWFlashDetector.exe. The program requires no installation; just run it after you download it and follow the prompts. Your final screen will look like the this.
Please be aware that this is a "quick and dirty" program, although it is functionally solid because the task it is given to do is rather straightforward. Nevertheless, I plan to create a smaller, simpler version shortly. Meanwhile, this one does the job.
References
This concludes this VirusWarn notice.
David Gray
WizardWrx, formerly P6 Consulting - Established 1985
V: +1 (940) 374-3177
TZ: USA Central, GMT -6
E: mailto:dagray@p6c.com
W: http://www.wizardwrx.com/
Tell me what you need, and I’ll conjure it.
|
|
|
|
|
|
| You are not authorized to post a reply. |
|
|
|
ActiveForums 3.6
|
|
|
|
|
|
|
|