Microsoft Security Advisory (2219475)

Discussion in 'other security issues & news' started by ronjor, Jun 10, 2010.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,729
    Location:
    Texas
    Microsoft
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,729
    Location:
    Texas
    Microsoft
     
  3. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    what a stupid thing to do and endanger XP users. Scoring points while being detrimental to public at large.
     
  4. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Sanctioned by Google? I wonder. They are starting to jab at each other more and more.
     
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,729
    Location:
    Texas
    Microsoft via Twitter
     
  6. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,924
    Location:
    U.S.A.
     
  7. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Well done Google...
     
  8. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    351
    If I was getting sick of these Help and Support Center vulnerabilities from cropping up every year or two, would it be sufficient to just disable the Help and Support Service itself for good? I don't think I've ever used it anyway.
     
  9. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,924
    Location:
    U.S.A.
    noway, perhaps a better way (no pun intended) would be to set the service to manual instead of disable. Read BlackViper's Help and Support Win XP SP3 page.
     
  10. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  11. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,924
    Location:
    U.S.A.
     
  12. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Same | similar at The Register JR !

    Nasty stuff, expect an out-of-cycle KB fix from MS on this one.

    There is some interesting reading at above link.

    Thanks !
     
  13. wat0114

    wat0114 Guest

    Mitigating Factors
    • The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful a user must click a link listed within an e-mail message.
    • An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    It seems drive-by infections are probably the biggest concern, although running limited should help a great deal.
     
    Last edited by a moderator: Jun 30, 2010
  14. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    Very easily applied fix, indeed.
    I applied the MS Fix It solution, though I had to drop my browser's Run Safer setting in OA in order to grant myself admin rights to apply it. ;)
    I appreciate this thread and the useful info. Thanks, fellas.
     
Loading...
Thread Status:
Not open for further replies.