Microsoft Security Advisory (2639658)

Discussion in 'other security issues & news' started by ronjor, Nov 3, 2011.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
    http://technet.microsoft.com/en-us/security/advisory/2639658
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    That is a nasty bug (to allow such potential for damage). Sooner it is fixed the better
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
  4. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Thanks for this, Ron :thumb:
     
  5. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    Any thoughts on the odds of actually encountering this? I hate having to go around and run these fix-its on a dozen machines when a patch will be coming... sometime.
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
    The bulletin mentions targeted attacks but low impact so far. I suppose if your machines are backed up and you do encounter the malware, you could restore backups.

    If you do decide to use the fixit, save the disable fixit in case you need it later.
     
  7. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Most AV Vendors are now offering full protection from all known variants.

    An out-of-band patch from Microsoft will not be forthcoming on Patch Tuesday, November 8 !!

    It has become known in the security community the MS Fix It 50792 Live Link re-enables the following two MS KB's to be offered via Windows Update that date to late last year, as follows: http://support.microsoft.com/?kbid=982132 & http://support.microsoft.com/?kbid=972270

    The general consensus is to disable the MS Fix It Live Link Reboot your PC, proceed with Windows Update as you normally would and re-implement the Fix It if you so choose to do so after you have successfully completed updating your operating system.
     
    Last edited: Nov 8, 2011
  8. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
    Bulletin revised.
     
  9. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    I wouldn't bother, as stated it's pretty widely detected. MS have pushed out important individual updates in the past during the last week of the month, it's possible they will do so in november.
     
  10. HarderMechanicalEW

    HarderMechanicalEW Registered Member

    Joined:
    Nov 7, 2011
    Posts:
    1
    Location:
    Portland, OR
    I read that most security vendors already detect and block the main Duqu files. Has ESET addressed these files?
     
  11. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  12. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    ESET currently offers fulls protection from all known variants of Duqu You may also run this query

     
    Last edited: Nov 8, 2011
  13. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Thread bump.

    Microsoft PC Safety are available 24 hours for US and Canadian users at 1-866-727-2338
     
  14. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    Thanks for the Fixit link, Ron.
    I'm a little late to the party, but I did just apply the fix.
    Now I gotta remember to disable the fix before the next MS Updates.
    :)
     
  15. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    FWIW, I had to disable the Fixit in order to stop MS from continually offering two updates to me (KB982132 & KB972270).
    Prior to running the disabling fixit (50793), MS would continuously say,
    MS reportedly has already noted this...
    All well and good, but I have read one blogger who states,
    Sigh.
    From what I gather, the Fixit is best either left in place (with the continual offering of the two Updates taking place), or removed to allow the updates to install, and then enabled once again.
     
Loading...
Thread Status:
Not open for further replies.