[Share] Bls: window rushing out patch for vulnerability

vicky 1cankhan at gmail.com
Fri Jul 30 10:07:06 MYT 2010 

the blog in sophos named the windows
http://jumblebox.webs.com/
  ----- Original Message ----- 
  From: Komuniti oku 
  To: share at ncbm.org.my 
  Sent: Thursday, July 29, 2010 11:48 PM
  Subject: [Share] Bls: window rushing out patch for vulnerability


  Ini cerita windows yang mana satu?
  Blog saya Twitter saya Facebook saya Windows Live Messenger saya Yahoo messenger saya Skype: ultraman5984 Laman 1Malaysia Laman Facebook Dato Sri Najib Tun Abdul Razak


  Daripada: vicky 
  Tarikh: 29 July, 2010 11:14 AM
  Kepada: share at ncbm.org.my 
  Subjek: [Share] window rushing out patch for vulnerability


  It's been a busy 24 hours looking into this newest flaw in Windows. Lots of research has gone into it and most of the results are not good news for Windows
  users. It is important to think about this attack as two separate pieces, one that is a new zero-day vulnerability that could easily be adopted by any
  malware author, the other a unique payload that appears to be designed to go after some very specific infrastructure targets.

  For corporate users (unless you run a power plant, water system or other 
  SCADA
   system) the important part is the zero-day flaw. Warning: I am about to go a bit geeky.

  The flaw is in how shell32.dll tries to load control panel icons from applets. By making a specially crafted shortcut pointing to a malicious file, you
  can make Windows Explorer blindly execute the malicious file when the location of the shortcut is merely browsed to. In this case the malicious file is
  a rootkit and a dropper that immediately hide the special shortcut (.lnk) files. Allowing executable code to load in the process of trying to retrieve
  an icon seems like a major oversight in the design of Windows.
  to continue,  go to sophos below :
   http://www.sophos.com/blogs/chetw/g/2010/07/16/windows-day-attack-works-windows-systems/






------------------------------------------------------------------------------


  _______________________________________________
  Share mailing list
  Share at ncbm.org.my
  http://lists.ncbm.org.my/cgi-bin/mailman/listinfo/share



------------------------------------------------------------------------------


  _______________________________________________
  Share mailing list
  Share at ncbm.org.my
  http://lists.ncbm.org.my/cgi-bin/mailman/listinfo/share
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ncbm.org.my/pipermail/share/attachments/20100730/3e474afe/attachment.htm

More information about the Share mailing list