begood Posted July 1, 2010 Report Posted July 1, 2010 (edited) The Windows Help and Support Center vulnerability, the details of which have recently been made public by researcher Tavis Ormandy, is being heavily exploited in the wild.According to a recent post on Microsoft's Malware Protection Center Blog, public exploitation of the vulnerability started on June 15th, but those attacks were probably undertaken by other researchers, since they were targeted and rather limited.After that, the attacks became more widespread, and the targets more numerous. Microsoft claims that as of yesterday, over 10,000 separate computers have reported witnessing this attack. Computers in Portugal and Russia have seen by far the highest concentration of attacks:The attacks only increased with time. Microsoft started seeing "seemingly-automated, randomly-generated HTML and PHP pages hosting this exploit", and the goal of the attacks was to plant Trojans and viruses on the targeted system. For those users who don't use Microsoft's security solutions with updated signatures for the detection of the exploit, the company advises implementing the workaround listed in the advisory.cum sa va protejati de acest exploit :intrati in regedit via Start->run-> scrieti regedit.intrati pe cheia HKEY_CLASSES_ROOT\HCPde la file -> export ii faceti un backup sub numele de HCP_backup.regapoi o stergeti cu tasta delete.Microsoft Security Advisory (2219475): Vulnerability in Windows Help and Support Center Could Allow Remote Code Execution Edited July 1, 2010 by begood Quote
AlStar Posted July 1, 2010 Report Posted July 1, 2010 Multumim pentru avertizare si solutie, begood.Ormandy ala e tare Intai Java, acu' Microsoft. Are Gogu' cu ce sa se mandreasca. Quote
Flubber Posted July 1, 2010 Report Posted July 1, 2010 Pai e si normal, la ce altceva trebuiau sa se astepte cei de la Micro$oft? Logic ca au inceput oamenii sa exploiteze la greu si cred ca majoritatea vor sa faca botneti, rezultand un numar asa mare de "atacuri".Multumesc pentru fix! Quote
