Author Topic: Exploit for "Zero-Day" Vulnerability Detected by Microsoft  (Read 37405 times)

0 Members and 1 Guest are viewing this topic.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #45 on: April 03, 2007, 10:04:34 PM »
@Bob

Quote
Have you called MS ?

Calls are charged at national rate. I might try tomorrow but if they keep me hanging on the line, I'm not going to run up a huge phone bill.

Quote
False positives aren't anything new and this isn't any different.

It's not a false positive: two of their patches collided in a traffic accident for some customers and they want those customers to pay to have the situation fixed- or wait for the next XP service pack, which is so far off on the horizon it's invisible.

Quote
I'm sure if this related to Firefox, your words would be a little kinder.

I don't know what this has to do with Firefox, but if Mozilla asked me to phone up customer support to get a hotfix and possibly pay for it I'd be just as pissed off.

@johnny223

There is no link. There's a link to customer support. In the UK it's a national rate telephone number. The page also is not clear whether a charge will be made for taking the call.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86505
  • No support PMs thanks
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #46 on: April 03, 2007, 11:24:46 PM »
Calls are charged at national rate. I might try tomorrow but if they keep me hanging on the line, I'm not going to run up a huge phone bill.

If it is an 0870 number try a search on that number in http://www.saynoto0870.com/ and see if there is an alternative geographic number.

I signed up and use http://www.call18866.co.uk/ to make calls to geographic numbers, there is a connection charge of 5p, but the rest of the call is no charge, free.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.2.6003 (build 22.2.7013.717) UI 1.0.697/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 47024
  • 62 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #47 on: April 03, 2007, 11:29:25 PM »
Frank
I know it's not a false positive but the effect is similar.
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, Avast One 21.11, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bi

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #48 on: April 04, 2007, 09:14:34 AM »
Microsoft have obviously been reading my merciless ribbing and have put the hotfix on the web page:

http://support.microsoft.com/kb/935448/  8)

(Requires WGAPluginInstall.exe and GenuineCheck.exe.)

     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #49 on: April 04, 2007, 09:45:25 AM »
Hotfix applied and no more problems.  8)
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

avatar2005

  • Guest
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #50 on: April 04, 2007, 03:47:00 PM »
the update for ex-SU users is finally avaliable today. Yey! It takes Long time
 :-\ ???
« Last Edit: April 04, 2007, 03:49:28 PM by avatar2005 »

drhayden1

  • Guest
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #51 on: April 04, 2007, 05:02:29 PM »
what more next week ??? ::)
Next week is Patch Tuesday again:
Microsoft Security Bulletin Advance Notification
http://www.microsoft.com/technet/security/bulletin/advance.mspx
Updated: April 3, 2007

The next security bulletin advance notification is scheduled for April 5, 2007, and will outline information for the April 10, 2007 security bulletin release.

or am i reading it wrong ??? ???
« Last Edit: April 04, 2007, 05:24:37 PM by drhayden1 »

avatar2005

  • Guest
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #52 on: April 05, 2007, 08:13:26 PM »
Yes I Think You are right, as far as I understood the next update will be on 10th of April 2007. ::)
but I have a hypothetical question: are there some time to come, when Microsoft will fix all the holes in their Windows family product line? ::) ::) ??? ??? :-\

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 47024
  • 62 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #53 on: April 05, 2007, 09:22:22 PM »
Yes I Think You are right, as far as I understood the next update will be on 10th of April 2007. ::)
but I have a hypothetical question: are there some time to come, when Microsoft will fix all the holes in their Windows family product line? ::) ::) ??? ??? :-\
Yes, right after people stop exploiting holes...... ;D :) ;D
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, Avast One 21.11, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bi

Offline OrangeCrate

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 798
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #54 on: April 06, 2007, 12:34:29 AM »
Yes, right after people stop exploiting holes...... ;D :) ;D

Agreed, and I might add to that, when people stop running through the Internet barefooted and blind...

One of my favorite quotes:

"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the universe trying to produce bigger and better idiots. So far, the universe is winning." -Rich Cook
« Last Edit: April 06, 2007, 12:40:46 AM by OrangeCrate »

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 47024
  • 62 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #55 on: April 06, 2007, 12:40:07 AM »
Quote
"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the universe trying to produce bigger and better idiots. So far, the universe is winning. -Rich Cook"
Confucius says  "People who skate the net without a condom are sure to wind up with a pregnant roller skate."  ;D
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, Avast One 21.11, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bi

avatar2005

  • Guest
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #56 on: April 06, 2007, 01:19:12 PM »
 ;D Funny, but true ;D

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33585
  • malware fighter
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #57 on: April 09, 2007, 12:31:54 AM »
Hi malware fighters,

The Microsoft patch has again caused trouble in Germany where an online taxpayers' program became corrupted through downloading the patch. The hotfix for this was not available on the german site at the time, but on an english site. The deadline for the german tax-collect is April 10th.
Haven't we developed all sorts of methods and techniques in software engineering to keep errors limited to a specific components, where changes in the implications of components or components do not have to lead to errors and failure. If the result of some buffer-overflow in the animated-mouse-cursor-component makes an application fail to respond, we have a case of "leaky abstractions", ill-chosen interfaces or a row of simple errors. When it was the first time this occured we could forgive M$, but this is not the first time....

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 47024
  • 62 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #58 on: April 09, 2007, 03:00:58 AM »
Quote
When it was the first time this occurred we could forgive M$, but this is not the first time....
Why isn't the blame put on the folks that caused the need for a patch in the first place.  ???
Why is it Microsoft's fault that hackers are breaking their code ???
This is like blaming  the homeowner for allowing a thief brake into his home.  ??? ??? ???
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, Avast One 21.11, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bi

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86505
  • No support PMs thanks
Re: Exploit for "Zero-Day" Vulnerability Detected by Microsoft
« Reply #59 on: April 09, 2007, 03:50:02 AM »
They aren't breaking MS's code, rather finding vulnerabilities and exploiting them. The code was/is already broken.

The home owner who leaves the doors or windows open can hardly be surprised when they are burgled. Lock the doors and windows and you can rightly feel aggrieved at getting burgled.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.2.6003 (build 22.2.7013.717) UI 1.0.697/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security