Windows exploit XP Vista 7: need to update for security soon

Posted: Fri Nov 26, 2010 2:23 pm
by Chrisax
Source and details (Microsoft Gold certified partner):
http://www.prevx.com/blog/160/New-Windo ... inese.html
(Confirmed by others)

A 0-day exploit has been disclosed that could (and certainly will) be used by malware makers.

"Good news is that we have not yet detected any malware exploiting this flaw. Bad news is that the flaw has been published online. This could potentially become a nightmare due to the nature of the flaw. We expect to see this exploit being actively used by malware very soon - it's an opportunity that malware writers surely won't miss."

All Windows XP/Vista/7, both 32- and 64-bit, are vulnerable to this attack.

There is NO security patch available at the moment. MS is working on it.

Be cautious for a while, don't download software from sources that are not proved very reliable, and check for upcoming security updates!

Re: Windows exploit XP Vista 7: need to update for security soon

Posted: Sat Nov 27, 2010 6:35 pm
by noobas
Seen this in action already.

At least, I've been privy to the prompts.

What may happen is this:

You may visit a webpage whose computer host is infected. A webpage will pop up that looks exactly like a Windows Defender page, and it will tell you to perform a security check. Once that security check is done, the page asks you to download the "virus definition" or something like that from some mirror site.

Don't download the file!

This will infect your computer and the malware can easily exploit the register using the downloaded file.

As long as you just close the page that asks you to download the file, you're OK. I had this happen at work, and as long as you don't download the "virus definition" or whatever it's called, your computer won't get infected EVEN though the defender webpage says it is. The key is to look at which explorer is running.

If the Windows Defender is in INTERNET Explorer, it's a hoax; if it's running in WINDOWS Explorer, then you may have an issue.