June 17, 2019, 04:45:29 PM

Author Topic: Windows vulnerability..  (Read 252 times)

Offline Rick Nasher

  • Hero Member
  • *****
  • Posts: 703
_______________________________________
 B3D + physics + shaders + X-platform = AGK!
:D ..ALIENBREED *LIVES* (thanks to Qube).. :D
_______________________________________

Offline blinkok

  • Jr. Member
  • **
  • Posts: 98
Re: Windows vulnerability..
« Reply #1 on: June 03, 2019, 12:24:36 AM »
Vista, XP, Windows 7 and 8

Offline Kryzon

  • Full Member
  • ***
  • Posts: 120
Re: Windows vulnerability..
« Reply #2 on: June 03, 2019, 12:41:58 AM »
Why do these articles never mention HOW you're supposed to get infected?


You receive junk mail with an executable/exploit attachment, and run it.
I have a strong feeling that if people were educated not to run any executable files from emails, even from close family, these epidemics would be fewer.

Offline Qube

  • Administrator
  • Hero Member
  • *****
  • Posts: 1900
Re: Windows vulnerability..
« Reply #3 on: June 03, 2019, 02:13:08 AM »
Why do these articles never mention HOW you're supposed to get infected?
Because the author can't be bothered to research and craft a quality article. Instead they just cherry pick some cut and paste content to puff out their even puffier "We're all doomed" article as "We're all doomed" articles are easy click bait. No doubt their next article is on fluffy pink psychic bunnies as surely that headline will garner a few clicks too.
Until the next time...

Offline Derron

  • Hero Member
  • *****
  • Posts: 2149
Re: Windows vulnerability..
« Reply #4 on: June 03, 2019, 07:18:46 AM »
The patch is required as the "Remote Desktop Service" is vulnerable.
The vulnerability does not require any user interaction and bypasses any ACL.

Might affect especially those who needed help with their Windows/Software/Computer.


bye
Ron

Offline Kryzon

  • Full Member
  • ***
  • Posts: 120
Re: Windows vulnerability..
« Reply #5 on: June 04, 2019, 12:07:07 AM »
@Qube agreed, FUD is unhelpful in these cases.

@Derron still, the malicious code has to come from somewhere right? My point is, prevent the infection from happening in the first place, like the possible gateways (preventing people from running executable attachments without authorization from the IT dep. for example, easily done with automation).

Offline Qube

  • Administrator
  • Hero Member
  • *****
  • Posts: 1900
Re: Windows vulnerability..
« Reply #6 on: June 04, 2019, 01:45:27 AM »
Quote
@Derron still, the malicious code has to come from somewhere right? My point is, prevent the infection from happening in the first place, like the possible gateways (preventing people from running executable attachments without authorization from the IT dep. for example, easily done with automation).
That's no good for this exploit as from a remote location it can execute code using the NT Authority\SYSTEM user privilege. So any user account lockouts for unauthorised app launches are just bypassed.
Until the next time...

Offline Rick Nasher

  • Hero Member
  • *****
  • Posts: 703
Re: Windows vulnerability..
« Reply #7 on: June 05, 2019, 01:16:32 AM »
Always funny to hear people still think infections can only happen after opening a nasty email attachment.

Nobody remembers the rpc stuff that infected Windows systems right after connecting to the internet on clean installs?
There will almost always be new exploits no one ever thought about.
_______________________________________
 B3D + physics + shaders + X-platform = AGK!
:D ..ALIENBREED *LIVES* (thanks to Qube).. :D
_______________________________________

Offline Qube

  • Administrator
  • Hero Member
  • *****
  • Posts: 1900
Re: Windows vulnerability..
« Reply #8 on: June 05, 2019, 01:34:08 AM »
Quote
Nobody remembers the rpc stuff that infected Windows systems right after connecting to the internet on clean installs?
Oh yeah, I remember that time alright. This period was when I worked in the industry. You'd build a PC, install Windows XP and anti virus software, connect to the web to do any updates and BOOM! infected. The first time I saw this I wondered if the boss had ordered some dodgy XP OEM DVD's :P

It was a real eye opener back then just how quick your PC could be infected with no interaction but simply being connected to the internet.
Until the next time...

Offline Derron

  • Hero Member
  • *****
  • Posts: 2149
Re: Windows vulnerability..
« Reply #9 on: June 05, 2019, 05:50:34 AM »
That was the time of DSL modems being plugged straight into your computer (so publicIP:whateverPort -> your computer). Router setups of today help a lot already.

IPv6 will then again make you think about above (as port redirection as security method is no more).



Bye
Ron

Offline Qube

  • Administrator
  • Hero Member
  • *****
  • Posts: 1900
Re: Windows vulnerability..
« Reply #10 on: June 05, 2019, 07:04:04 AM »
Quote
That was the time of DSL modems being plugged straight into your computer
It was the era of the dial up modem. A time that was great for our shop after a thunderstorm when it blew up many a computer ;D
Until the next time...

Offline GaborD

  • Sr. Member
  • ****
  • Posts: 281
Re: Windows vulnerability..
« Reply #11 on: June 05, 2019, 03:41:01 PM »
Good old days  ;D