Microsoft confirms nasty Windows zero-day bug
For now, Microsoft said users could block attacks by disabling the displaying of shortcuts, and turning off the WebClient service. Both moves require editing the Windows registry, a chore most people avoid for fear of crippling their computers. Disabling shortcut files also will make it more difficult for users to launch programs or open documents.
TRITON (TM) Securing the Borderless Enterprise: Download now
That advice is all the help that those still running Windows XP SP2, the service pack that was retired from all support last Tuesday, will get from Microsoft MCTS Training.
"Noticeably absent from [Microsoft's list of affected software] are Windows 2000 and Windows XP SP2 as they are no longer supported," said Wisniewski. "They are, however, definitely still vulnerable." Microsoft also retired all editions of Windows 2000 from support last week.
Wolfgang Kandek, the chief technology officer of Qualys, echoed Wisniewski's concerns about XP SP2 and Windows 2000 going patchless. "We assume the attack works against both of them and attackers will surely take advantage of this security hole ," Kandek said Saturday.
Related Content
* Massive check-fraud botnet operation tied to Russia
* AT&T: We don't intend to stop Black Hat demo
* Google patches Chrome, sidesteps Windows kernel bug
* Ensure 360-Degree Border SecurityWHITE PAPER
* This year's Defcon badge has a persistent display
* Automated software quality assurance really mattersBLOG
* Open source Razorback project targets malware, zero-day exploits
* VeriSign adds trust enhancements to its SSL products
* Email on Cruise Control: How to Guarantee Security, Speed and Confidence in EmailWHITE PAPER
* Bug reporting could be a hot topic at Black Hat
View more related content
Get Daily News by Email
Microsoft MCITP Certification said that all still-supported versions of Windows, including Windows XP SP3, Vista, Server 2003, Windows 7, Server 2008 and Server 2008 R2, contain the bug. The betas of Windows 7 SP1 and Server 2008 R2 SP1, which the company released last week, are also at risk.
Windows XP SP2 users must upgrade to XP SP3 to receive a patch for the shortcut flaw when it eventually ships
Transition your MCSA and MCSE on Windows Server 2003 skills to Windows Server 2008 Capitalize on your MCSA or MCSE on Windows Server 2003 with an expedited path to Windows Server 2008 certification. for more certkingdom.com
No comments:
Post a Comment