Firefox, uTorrent and PowerPoint hit by Windows DLL bug

Discussion in 'other security issues & news' started by Malcontent, Aug 24, 2010.

Thread Status:
Not open for further replies.
  1. Malcontent

    Malcontent Registered Member

    Joined:
    Dec 30, 2005
    Posts:
    451
    Location:
    Cleveland, Ohio USA
    http://www.theregister.co.uk/2010/08/24/windows_dll_casualties/
     
  2. RHE10

    RHE10 Registered Member

    Joined:
    Aug 8, 2010
    Posts:
    24
    I guess I chose a good day (yesterday) to change from FF to Chrome.
     
  3. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,692
    Location:
    USA
    I see on Secunia'a site that avast! Antivirus 5.x is listed as well. This stuff is not good.
     
  4. wearetheborg

    wearetheborg Registered Member

    Joined:
    Nov 14, 2009
    Posts:
    667

    It seems like this can be stopped dead in its tracks by SRP+LUA. :D
     
  5. prius04

    prius04 Registered Member

    Joined:
    Apr 14, 2007
    Posts:
    1,248
    Location:
    USA
    I found this to be rather disconcerting until I read the following:

    ..."An attacker would have to convince a user to click a link to their SMB (Server Message Block) or WebDAV (Web-based Distributed Authoring and Versioning) share and then convince the user to open a file from that share which would trigger additional dialogs prompting the user to OK the action."...

    http://gcn.com/articles/2010/08/25/powerpoint-firefox-users-at-risk-of-microsoft-vulnerability.aspx

    So, does this exploit require one heck of a lot of user interaction or what?
     
  6. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,692
    Location:
    USA
    I'm sure most of the folks on here aren't too worried about it. There are a lot of people that will do whatever they are prompted to do though. And those people will call me when they mess up their machine. :ouch:
     
  7. jmc777

    jmc777 Registered Member

    Joined:
    Aug 6, 2004
    Posts:
    244
    uTorrent 2.0.4 has a fix for this issue.
     
  8. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    The 2.0.4 release addresses the issue. uTorrent were one of the first third-party vendors to jump on whatever exploits were in their software and got them out ASAP (no plug intended or implied).

     
  9. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,735
    You were reading my mind before I got to your post.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.