Microsoft Security Advisory (943521)

Discussion in 'other security issues & news' started by ronjor, Oct 25, 2007.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    64,298
    Location:
    Texas
    Microsoft
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    It seems that the implementations of URI are too buggy :eek:
    New flaws involving URI handling are discovered on a daily basis (Adobe Reader, Firefox, Quick Time, etc)
    One more reason to disable/whitelist the use of browser plug-ins.
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    10,507
    Location:
    The Netherlands
    Yes, but when it comes to remote code execution exploits, a HIPS will probably block them. I did however see a demo that could kill the Skype tool just by clicking a link, and termination protection won´t help. But I assume that security tools don´t have any URI commands that can shut them down. :rolleyes:
     
  4. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Yes, HIPS do protect against remote code execution, but this is a big hole in Windows.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.