• If you would like to get your account Verified, read this thread
  • The TMF is sponsored by Clips4sale - By supporting them, you're supporting us.
  • >>> If you cannot get into your account email me at [email protected] <<<
    Don't forget to include your username

The TMF is sponsored by:

Clips4Sale Banner

Very bad Windows security exploit

MistressValerie1

MistressValerie1

Administrator
Joined
Mar 5, 2003
Messages
8,738
Points
0
All Windows versions are at risk for a new, unpatched security flaw involving malicious image files. This flaw is being actively exploited. A full discussion and an unofficial patch (not from Microsoft) are here: http://castlecops.com/f212-hexblog.html

Most antivirus programs can detect most variants of the exploit; I recommend running an AV with realtime protection, and checking for signature updates hourly. (Avast is the only free antivirus reported to detect all variants at this time.) Browsing with Firefox is somewhat less risky than IE because it will prompt before opening Windows Metafiles -- always click "Cancel" if prompted. Also, more than ever, it is best to avoid visiting porn, music lyrics, or free games sites, all of which are notorious for spreading malware.
 
How do I get Avast???? My comp sucks...🙁
 
I've not heard of this exploit. Is this possibly why Avast has been updating nearly twice a day for me recently?
 
Note: Microsoft has said they will be releasing a patch for this sometime next week with their regular monthly update. (This is in the articles, but in case you don't have time to read those, be ready to update Windows next week.) However, it is still recommended by most sources that you apply the unofficial patch and/or (Probably smart to and) be very vigilant in your AV scanning.
 
lonelykimiko said:
I've not heard of this exploit. Is this possibly why Avast has been updating nearly twice a day for me recently?
Click to expand...
Exactly. Also, antivirus makers are gearing up for an expected attack of the Sober worm on January 6, so this is going to be a very difficult week.

This site also has security news, updated constantly: http://www.f-secure.com/weblog/

Best of luck to everyone!
 
so this means firewalls have no effect on this bugger, and anti-virus programs won't automatically detect the virus? so i have to do a full system scan about 2-3 times a day, huh?
 
Some firewalls with intrusion detection systems can block the exploit, and a list of antivirus products that detect and stop all known versions of the exploit is available at http://www.wilderssecurity.com/showthread.php?t=113538 (check the last post for the latest).

Manually scanning with an antivirus would be ineffective; only a realtime scanner (which most have enabled) will protect you. If your antivirus is not on the list of products that detects 100% or all but one, you should consider applying the unofficial patch if you use Win XP or 2000. Anyone running a server on Win 2003 should also consider the unofficial patch.
 
okay, so far ... no probs ... I have Norton Internet Security 200-whatever ... the latest version ...!! It's been updating like crazzzy as well ... with a little help from ... ME ... !!
 
Can someone explain the point of damaging viruses?

The original idea of a virus is that someone creates a little program, it finds its way onto another computer, copies itself there and then spreads. These original viruses caused no damage to the system intentionally, it was just a case of the maker haveing created his own little program and wanting it to spread.
Why did somebody decide it would be a funny idea to create a virus that intentionally spreads and damages computers? Its not funny, it screws up peoples computers... The whole mentality is something I just cant get my head around...
 
Yeah...a bit f***ed up really.

I recon the first damaging virus wasn't made on purpose. I recon the damaging qualities were a mistake.

Or there is some realy sick bugger who hates everyone.

:l

Either way, 'Tis annoying.
 
There are always some sadistic bastards who enjoy giving people's computers some hardly overcomable issues. :sigh:
 
Microsoft has released the patch early. It is available now through the Windows or Microsoft Update websites. I highly recommend grabbing it as soon as possible.
 
Full article about the early release is here: http://isc.sans.org/diary.php?storyid=1019

The original computer "virus" was created as a maintenance program that would replicate itself and travel along a network. Later, pranksters crafted practical-joke viruses to scare or annoy computer users, but today's virus writers are usually involved with organsied crime. Modern viruses are used to perform DDoS attacks, propogate spam, and steal users' banking and financial passwords.
 
Is there any way I can obtain this patch? I cant run the normal Windows update anymore.

>_>

You should know why.
 
Thankie sankie! I downloaded it and ran the intall so hopefully it'll protect me. =)
 
You must log in or register to reply here.
What's New

9/26/2024
The TMF Chatroom is always busy and its free1
Tickle Experiment
Door 44
Live Camgirls!
Live Camgirls
Streaming Videos
streaming tickling videos on demand at the TMF!
Tickling videos on demand!
Pic of the Week
Pic of the Week
Congratulations to
*** brad1701 ***
 The winner of our weekly Trivia, held every Sunday night at 11PM EST in our Chat Room
Back
Top