Windows vulnerability..

Started by Rick Nasher, June 02, 2019, 23:26:26


Rick Nasher

_______________________________________
B3D + physics + shaders + X-platform = AGK!
:D ..ALIENBREED *LIVES* (thanks to Qube).. :D
_______________________________________

blinkok


Kryzon

Why do these articles never mention HOW you're supposed to get infected?


You receive junk mail with an executable/exploit attachment, and run it.
I have a strong feeling that if people were educated not to run any executable files from emails, even from close family, these epidemics would be fewer.

Qube

Quote from: Kryzon on June 03, 2019, 00:41:58
Why do these articles never mention HOW you're supposed to get infected?
Because the author can't be bothered to research and craft a quality article. Instead they just cherry-pick some cut and paste content to puff out their even puffier "We're all doomed" article, as "We're all doomed" articles are easy clickbait. No doubt their next article is on fluffy pink psychic bunnies, as surely that headline will garner a few clicks too.
Mac Studio M1 Max ( 10 core CPU - 24 core GPU ), 32GB LPDDR5, 512GB SSD,
Beelink SER7 Mini Gaming PC, Ryzen 7 7840HS 8-Core 16-Thread 5.1GHz Processor, 32G DDR5 RAM 1T PCIe 4.0 SSD
MSI MEG 342C 34" QD-OLED Monitor

Until the next time.

Derron

The patch is required as the "Remote Desktop Service" is vulnerable.
The vulnerability does not require any user interaction and bypasses any ACL.

Might affect especially those who needed help with their Windows/Software/Computer.


bye
Ron

Kryzon

@Qube agreed, FUD is unhelpful in these cases.

@Derron still, the malicious code has to come from somewhere right? My point is, prevent the infection from happening in the first place, like the possible gateways (preventing people from running executable attachments without authorization from the IT dep. for example, easily done with automation).

Qube

Quote: @Derron still, the malicious code has to come from somewhere right? My point is, prevent the infection from happening in the first place, like the possible gateways (preventing people from running executable attachments without authorization from the IT dep. for example, easily done with automation).
That's no good for this exploit as from a remote location it can execute code using the NT Authority\SYSTEM user privilege. So any user account lockouts for unauthorised app launches are just bypassed.

Rick Nasher

Always funny to hear people still think infections can only happen after opening a nasty email attachment.

Nobody remembers the RPC stuff that infected Windows systems right after connecting to the internet on clean installs?
There will almost always be new exploits no one ever thought about.

Qube

Quote: Nobody remembers the rpc stuff that infected Windows systems right after connecting to the internet on clean installs?
Oh yeah, I remember that time alright. This period was when I worked in the industry. You'd build a PC, install Windows XP and antivirus software, connect to the web to do any updates and BOOM! infected. The first time I saw this I wondered if the boss had ordered some dodgy XP OEM DVDs :P

It was a real eye opener back then just how quick your PC could be infected with no interaction but simply being connected to the internet.

Derron

That was the time of DSL modems being plugged straight into your computer (so publicIP:whateverPort -> your computer). Router setups of today help a lot already.

IPv6 will then again make you think about the above (as port redirection as a security method is no more).



Bye
Ron
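
Added example (not part of the original thread): the NAT versus IPv6 point above, as a check run from the defender's side. It parses constructed `netstat -an` output and reports, per listening TCP port, the widest scope the port can be reached from before any firewall is considered; the function names, ports and addresses are assumptions, and documentation-range addresses stand in for public ones.

```python
import ipaddress

NON_ROUTED = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918, behind NAT
    "100.64.0.0/10", "fc00::/7",                       # carrier-grade NAT, IPv6 ULA
)]
RANK = {"local": 0, "lan": 1, "internet": 2}

def to_ip(addr):
    return ipaddress.ip_address(addr.split("%")[0])   # drop IPv6 zone id

def scope(addr):
    """Classify one interface address as 'local', 'lan' or 'internet'."""
    ip = to_ip(addr)
    if ip.is_loopback:
        return "local"
    if ip.is_link_local or any(ip in n for n in NON_ROUTED if n.version == ip.version):
        return "lan"
    return "internet"   # globally routed: no NAT in front of it

def parse_listeners(netstat_text):
    """Return (bind_address, port) for each TCP LISTENING line."""
    found = []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) == 4 and f[0] == "TCP" and f[3] == "LISTENING":
            host, port = f[1].rsplit(":", 1)
            found.append((host.strip("[]"), int(port)))
    return found

def exposure(netstat_text, host_addrs):
    """Map port -> widest scope it can be reached from, ignoring firewalls."""
    result = {}
    for bind, port in parse_listeners(netstat_text):
        ip = to_ip(bind)
        # 0.0.0.0 / :: means every address of that family on the host
        targets = ([a for a in host_addrs if to_ip(a).version == ip.version]
                   if ip.is_unspecified else [bind])
        for a in targets:
            if RANK[scope(a)] > RANK.get(result.get(port), -1):
                result[port] = scope(a)
    return result

# Constructed sample: RDP (3389) on both families, RPC (135) on IPv4 only.
NETSTAT = """\
  TCP    0.0.0.0:3389    0.0.0.0:0    LISTENING
  TCP    [::]:3389       [::]:0       LISTENING
  TCP    0.0.0.0:135     0.0.0.0:0    LISTENING
  TCP    127.0.0.1:5939  0.0.0.0:0    LISTENING
"""
```

With only `192.168.1.20` on the host, `exposure(NETSTAT, ["192.168.1.20"])` puts port 3389 at `lan`; add a global IPv6 address and the same listener becomes `internet`, which is where a firewall rule has to do the job the router's NAT used to do.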

Qube

Quote: That was the time of DSL modems being plugged straight into your computer
It was the era of the dial-up modem. A time that was great for our shop after a thunderstorm when it blew up many a computer ;D

GaborD


RemiD

I received a message from Microsoft a few days ago, saying that the support of Windows 7 will soon end, and that there will be no more fixes / updates and so there may be problems with hackers in the future.
Funny thing is that I have 2 computers with Windows 7, both connected to the internet, since 2009 and 2011, and none of them use updates, only Microsoft Security Essentials + Windows malicious tool removal + Malwarebytes Anti-Malware (that I plan to replace with Bitdefender). (+ Epic browser to navigate on risky websites)
And not one problem happened! ;)

Derron

Your computers are:
- maybe not using cracks for apps
- not using cracked software (stuff with the cracks already applied)
- not exposed directly to the internet (port forwarding via IPv4 or directly connected via IPv6)

Plus you are maybe only visiting one of the big porn sites (which do not have so much drive-by stuff) ;)

bye
Ron

RemiD

As I said, when I search for things on "risky" websites, I always use Epic browser, which prevents a lot of hacking / unwanted installs...