<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content=text/html;charset=iso-8859-1>
<META content="MSHTML 6.00.6000.17063" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY id=MailContainerBody
style="PADDING-RIGHT: 10px; PADDING-LEFT: 10px; PADDING-TOP: 15px"
bgColor=#8ea8c4 leftMargin=0 topMargin=0 name="Compose message area"
CanvasTabStop="true">
<DIV><FONT face=Arial size=2>the blog in sophos named the windows</FONT></DIV>
<DIV><A href="http://jumblebox.webs.com/">http://jumblebox.webs.com/</A></DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=komuniti.oku@gmail.com href="mailto:komuniti.oku@gmail.com">Komuniti
oku</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=share@ncbm.org.my
href="mailto:share@ncbm.org.my">share@ncbm.org.my</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Thursday, July 29, 2010 11:48
PM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> [Share] Bls: window rushing out
patch for vulnerability</DIV>
<DIV><BR></DIV>
<DIV><FONT face=Calibri>Ini cerita windows yang mana satu?</FONT></DIV>
<DIV><A href="http://www.isihatiteddybearcute.blogspot.com/">Blog saya</A> <A
href="http://twitter.com/tai_cute">Twitter saya</A> <A
href="http://www.facebook.com/tai.cute">Facebook saya</A> <A
href="mailto:blind_boy007@live.com.my">Windows Live Messenger saya</A> <A
href="mailto:puteri_kencana_dewi1@yahoo.com.my">Yahoo messenger saya</A>
Skype: ultraman5984 <A href="http://www.1malaysia.com.my/">Laman 1Malaysia</A>
<A
href="http://www.facebook.com/pages/Dato-Sri-Najib-Tun-Abdul-Razak/27767103249">Laman
Facebook Dato Sri Najib Tun Abdul Razak</A></DIV>
<DIV style="FONT: 10pt Tahoma">
<DIV><BR></DIV>
<DIV style="BACKGROUND: #f5f5f5">
<DIV style="font-color: black"><B>Daripada:</B> <A title=1cankhan@gmail.com
href="mailto:1cankhan@gmail.com">vicky</A> </DIV>
<DIV><B>Tarikh:</B> 29 July, 2010 11:14 AM</DIV>
<DIV><B>Kepada:</B> <A title=share@ncbm.org.my
href="mailto:share@ncbm.org.my">share@ncbm.org.my</A> </DIV>
<DIV><B>Subjek:</B> [Share] window rushing out patch for
vulnerability</DIV></DIV></DIV>
<DIV><BR></DIV>
<DIV><FONT face=Arial size=2>It's been a busy 24 hours looking into this
newest flaw in Windows. Lots of research has gone into it and most of the
results are not good news for Windows<BR>users. It is important to think about
this attack as two separate pieces, one that is a new zero-day vulnerability
that could easily be adopted by any<BR>malware author, the other a unique
payload that appears to be designed to go after some very specific
infrastructure targets.</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=Arial size=2>For corporate users (unless you run a power
plant, water system or other <BR>SCADA<BR> system) the important part is
the zero-day flaw. Warning: I am about to go a bit geeky.</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=Arial size=2>The flaw is in how shell32.dll tries to load
control panel icons from applets. By making a specially crafted shortcut
pointing to a malicious file, you<BR>can make Windows Explorer blindly execute
the malicious file when the location of the shortcut is merely browsed to. In
this case the malicious file is<BR>a rootkit and a dropper that immediately
hide the special shortcut (.lnk) files. Allowing executable code to load in
the process of trying to retrieve<BR>an icon seems like a major oversight in
the design of Windows.</FONT></DIV>
<DIV><FONT face=Arial size=2>to continue, go to sophos below
:</FONT></DIV>
<DIV><FONT face=Arial size=2> <A
href="http://www.sophos.com/blogs/chetw/g/2010/07/16/windows-day-attack-works-windows-systems/">http://www.sophos.com/blogs/chetw/g/2010/07/16/windows-day-attack-works-windows-systems/</A><BR><BR></FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<P>
<HR>
<P></P>_______________________________________________<BR>Share mailing
list<BR>Share@ncbm.org.my<BR>http://lists.ncbm.org.my/cgi-bin/mailman/listinfo/share<BR>
<P>
<HR>
<P></P>_______________________________________________<BR>Share mailing
list<BR>Share@ncbm.org.my<BR>http://lists.ncbm.org.my/cgi-bin/mailman/listinfo/share<BR></BLOCKQUOTE></BODY></HTML>