More zero-day attacks plague Microsoft users

Discussion in 'Computer Security' started by imhotep, Oct 1, 2006.

  1. imhotep

    imhotep Guest

    More zero-day attacks plague Microsoft users

    "Microsoft warned users of the issue on Thursday in a security advisory,
    saying that public report have pinpointed an ActiveX component as the
    source of the vulnerability, but that component merely exposes the
    vulnerable Windows shell. The flaw affects every version of the operating
    system, except for default installations of Windows 2003, the company said.

    Zero-day attacks, especially against Microsoft's Office products, have
    increased in frequency this year. On Tuesday, the company shored up a hole
    in its Internet Explorer Web browser, following a number of high-profile
    attacks that attempted to exploit the issue. The increasing trend of
    zero-day attacks has come at a time when researchers are increasingly
    taking Microsoft to task for its policies on the airing of flaw details."

    http://www.securityfocus.com/brief/317?ref=rss

    Imhotep
     
    imhotep, Oct 1, 2006
    #1
    1. Advertisements

  2. imhotep

    imhotep Guest


    Anyone wanna guess how long this one will be to patch???

    Imhotep
     
    imhotep, Oct 1, 2006
    #2
    1. Advertisements

  3. imhotep

    imhotep Guest

    I guess if that were true, people would never get infected with virsues,
    spyware and malware now would they? But since they do....

    Second, the lastest Microsoft critical security hole is a combination of a
    shell vulnerability and Actice-X....quite serious....

    Imhotep
     
    imhotep, Oct 1, 2006
    #3
  4. If you wish to originate your posting to all of the newsgroups to which I
    send
    this, and to which you sent the posting to which this is a reply, then will
    you
    please cease setting follow-ups to be different from what you are doing when
    you follow-up.

    A simple matter of etiquette is it not ??

    Roger
     
    Roger Abell [MVP], Oct 2, 2006
    #4
  5. imhotep

    Leythos Guest

    It's a old trolling tactic.
     
    Leythos, Oct 2, 2006
    #5
  6. Well, it certainly has become old.
    I just finally tired of the fragmented threads.

    Roger
     
    Roger Abell [MVP], Oct 2, 2006
    #6
  7. imhotep

    imhotep Guest

    Not sure why that pisses you off. This is the second serious security hole
    in Windows in less than a month. As such, it is good to keep everyone
    informed....
     
    imhotep, Oct 2, 2006
    #7
  8. imhotep

    imhotep Guest

    Whatever fool.
     
    imhotep, Oct 2, 2006
    #8
  9. imhotep

    imhotep Guest


    Roger, you participate as much as anyone and cause some as well...stop being
    a hypocrite.
     
    imhotep, Oct 2, 2006
    #9
  10. Bugger off if you cannot address the issue raised.
    I rarely use follow-up headers, and usually so indicate
    in the first line of my post when I do.
    Your use of them is just leaving everyone to either follow
    this in the IE sec group or to put up with a partial thread.
    If you reply to something in IE sec, posted only to IE sec
    then reply to it there and do not reestablish the full x-post
    list whereby your reply shows up without the replied-to.

    Roger
     
    Roger Abell [MVP], Oct 2, 2006
    #10
  11. I said nothing so crude as p*@! off !

    If you choose to inform a large audience, as your choice of x-post NGs
    indicated, then learn to control your usage of the follow-up header so
    that you actually do keep that large x-post group in the thread.
    If you are unable to learn how to use KNode so that it posts respectfully
    then perhaps you need a different news client.

    Roger
     
    Roger Abell [MVP], Oct 2, 2006
    #11
  12. imhotep

    imhotep Guest

    "Pissed off" is neither crude nor rude. It is saying in American English
    that translates to: Angry, etc


    Gee Roger, after going through the newspost the "follow up to" group is
    correct set to the group I first send this
    to "microsoft.public.internetexplorer.security". Is it that your news
    client is malfunctioning or you need a lesson on how to read news header
    information? If you do just let me know, I will help you out, again.

    This thread is about the second highly critical security hole in Microsoft's
    products in less than 3 weeks. If you have something to add, information,
    an etp (estimated time to patch) anything of importance, please do. Please
    also share the information with everyone since it affects so many. After
    all that *IS* what newsgroups are for: Sharing information.

    Now, do you have anything to share about this, the second highly critical
    security hole in the Windows platform?

    Imhotep
     
    imhotep, Oct 2, 2006
    #12
  13. imhotep

    imhotep Guest

    Roger, again, this thread is about the second highly critical security hole
    in Microsoft's platform in three weeks. If you have something to add or
    help all the people using Microsoft's products please do. Somethings needs
    to be done...

    If you are going to waste people's time with your endless wining about
    posting a security related post across multiple newsgroups, then you are
    just wasting everyone time. Aren't you?

    Questions:
    Do you have knowledge about an ETP (Estimated Time to Patch) from Microsoft?

    Do you have any knowledge about how people can protect themselves? Maybe not
    use IE?

    Do you have *any* relevant information to share?

    Imhotep
     
    imhotep, Oct 2, 2006
    #13
  14. Then why is it that you are sending your replies to more than that group?
    Please cure YOUR malfunction.
    If you believe you do want all follow-ups to go to only your first listed
    newsgroup, then NONE of your subsequent posts should go ANYWHERE
    except there.

    Roger
     
    Roger Abell [MVP], Oct 2, 2006
    #14
  15. imhotep

    imhotep Guest

    Can you *not* read?

    This thread is about the second highly critical security hole in Microsoft's
    platform. Information should be shared as this is affecting everyone
    (except default Windows server 2003). So, yes, I include this security post
    (and replies) in multiple security newsgroups. This is done intentionally.

    Now, that being said, do you have anything, anything whatsoever, to add or
    help people with regard to the security hole?
    Sending to multiple groups is designed so that people do not need to go to
    multiple groups. However, this security IS relevant in MULTIPLE security
    newsgroups.

    Roger, this is the last time I will waste my time with your foolish
    winning....

    I am beginning to see that you do not have any usefull information to share.
    You just want to wine and get some attention. Ok, you got your attention.
    Not let others add information that will help prevent users from being a
    victim of spyware, maleware and viruses.

    Im
     
    imhotep, Oct 2, 2006
    #15
  16. imhotep

    Leythos Guest

    Actually, your Usenet client is not properly configured and I have to
    edit every reply I make to you because of your improper use of "Follow
    Up"

    The messages in this thread are posted as follows:

    Newsgroups: microsoft.public.internetexplorer.security,
    microsoft.public.security, microsoft.public.security.homeusers,
    microsoft.public.windowsxp.security_admin

    You post with the following:
    Followup-To: microsoft.public.internetexplorer.security

    None of the rest of us do this - you are either doing it on purpose or
    you don't know what you are doing.
     
    Leythos, Oct 2, 2006
    #16
  17. imhotep

    Leythos Guest

    Then learn how to set a proper follow-up or just start posting it to
    that group, in addition to the others.

    Your current method is broken and makes you look like a troll.
     
    Leythos, Oct 2, 2006
    #17
  18. imhotep

    Leythos Guest

    If you can't follow posting/reply standard, and appear to not understand
    how to reply, then you should put your reply settings back to default -
    if you want to include the security group then do so, in the main list,
    but don't set follow-ups to a single group and then leave out the
    others.

    You are not fooling anyone.
     
    Leythos, Oct 2, 2006
    #18
  19. imhotep

    imhotep Guest

    It is called cross-posting. It is allowed via the protocols.

    What exactly *is* a troll? Cross-posting a news reply relating to a highly
    critical security hole to multiple security groups? Or replying to a thread
    about the lastest security hold in Windows taking about cross-posting?

    You and I definitely have a different definition about "trolling". I will
    leave it at that.

    Now, from now on let's stick to the topic and talk about the latest
    Microsoft security hole (Active-X/Shell)...I think we would all be better
    off don't you think?

    Any news on when a patch will be out?

    Any news on how to midigate this?

    What should "common" user do?

    Im
     
    imhotep, Oct 2, 2006
    #19
  20. I believe our attempts to assist Im in correct use of NNTP threading
    so that the discussion does reach the "MULTIPLE security" NGs in
    a meaningful, useful form will come to naught.
     
    Roger Abell [MVP], Oct 2, 2006
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.