Firefox, uTorrent and PowerPoint hit by Windows DLL bug

Discussion in 'other security issues & news' started by Malcontent, Aug 24, 2010.

Thread Status:
Not open for further replies.
  1. Malcontent

    Malcontent Registered Member

    Joined:
    Dec 30, 2005
    Posts:
    451
    Location:
    Cleveland, Ohio USA
    http://www.theregister.co.uk/2010/08/24/windows_dll_casualties/
     
  2. RHE10

    RHE10 Registered Member

    Joined:
    Aug 8, 2010
    Posts:
    24
    I guess I chose a good day (yesterday) to change from FF to Chrome.
     
  3. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    I see on Secunia'a site that avast! Antivirus 5.x is listed as well. This stuff is not good.
     
  4. wearetheborg

    wearetheborg Registered Member

    Joined:
    Nov 14, 2009
    Posts:
    667

    It seems like this can be stopped dead in its tracks by SRP+LUA. :D
     
  5. prius04

    prius04 Registered Member

    Joined:
    Apr 14, 2007
    Posts:
    1,238
    Location:
    USA
    I found this to be rather disconcerting until I read the following:

    ..."An attacker would have to convince a user to click a link to their SMB (Server Message Block) or WebDAV (Web-based Distributed Authoring and Versioning) share and then convince the user to open a file from that share which would trigger additional dialogs prompting the user to OK the action."...

    http://gcn.com/articles/2010/08/25/powerpoint-firefox-users-at-risk-of-microsoft-vulnerability.aspx

    So, does this exploit require one heck of a lot of user interaction or what?
     
  6. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    I'm sure most of the folks on here aren't too worried about it. There are a lot of people that will do whatever they are prompted to do though. And those people will call me when they mess up their machine. :ouch:
     
  7. jmc777

    jmc777 Registered Member

    Joined:
    Aug 6, 2004
    Posts:
    244
    uTorrent 2.0.4 has a fix for this issue.
     
  8. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    The 2.0.4 release addresses the issue. uTorrent were one of the first third-party vendors to jump on whatever exploits were in their software and got them out ASAP (no plug intended or implied).

     
  9. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,710
    You were reading my mind before I got to your post.
     
Loading...
Thread Status:
Not open for further replies.