|
|
User Controls
|
New User
|
Login
|
Edit/View My Profile
|
|
|
|
ActiveMac
|
Articles
|
Forums
|
Links
|
News
|
News Search
|
Reviews
|
|
|
|
News Centers
|
Windows/Microsoft
|
DVD
|
ActiveHardware
|
Xbox
|
MaINTosh
|
News Search
|
|
|
|
ANet Chats
|
The Lobby
|
Special Events Room
|
Developer's Lounge
|
XBox Chat
|
|
|
|
FAQ's
|
Windows 98/98 SE
|
Windows 2000
|
Windows Me
|
Windows "Whistler" XP
|
Windows CE
|
Internet Explorer 6
|
Internet Explorer 5
|
Xbox
|
DirectX
|
DVD's
|
|
|
|
TopTechTips
|
Registry Tips
|
Windows 95/98
|
Windows 2000
|
Internet Explorer 4
|
Internet Explorer 5
|
Windows NT Tips
|
Program Tips
|
Easter Eggs
|
Hardware
|
DVD
|
|
|
|
Latest Reviews
|
Applications
|
Microsoft Windows XP Professional
|
Norton SystemWorks 2002
|
|
Hardware
|
Intel Personal Audio Player
3000
|
Microsoft Wireless IntelliMouse
Explorer
|
|
|
|
Site News/Info
|
About This Site
|
Affiliates
|
ANet Forums
|
Contact Us
|
Default Home Page
|
Link To Us
|
Links
|
Member Pages
|
Site Search
|
Awards
|
|
|
|
Credits
©1997/2004, Active Network. All
Rights Reserved.
Layout & Design by
Designer Dream. Content
written by the Active Network team. Please click
here for full terms of
use and restrictions or read our
Privacy Statement.
|
|
|
|
|
|
|
|
Time:
12:35 EST/17:35 GMT | News Source:
Microsoft Press Release |
Posted By: Jonathan Tigner |
This configuration change to the Windows XP, Windows Server 2003 and Windows 2000 operating systems improves system resiliency to protect against the Download.Ject attack.
On Thursday, June 24, 2004, Microsoft responded to reports that some customers running IIS 5.0 (Internet Information Services), a component of Windows 2000 Server, were being targeted by malicious code, known as "Download.Ject." Internet service providers and law enforcement, working together with Microsoft, identified the origination point of the attack -- a Web server located in Russia -- and shut it down on Thursday, June 24, 2004. (Additional information about Download.Ject is available at
http://www.microsoft.com/security/incident/download_ject.mspx.)
The security of our customers’ computers and networks is a top priority for Microsoft, and we have been working around-the-clock to further address the criminal malware targeting Internet Explorer users. On Friday, July 2, 2004, Microsoft released a configuration change to the Windows XP, Windows Server 2003, and Windows 2000 operating systems that improves system resiliency to protect against the Download.Ject attack. The configuration change is currently available on Microsoft’s Download Center and will be made available later today on Windows Update.
Customers who have enabled automatic updates will receive the configuration change automatically.
|
|
#1 By
6859 (206.156.242.36)
at
7/2/2004 2:27:57 PM
|
Now the client (IE) side of this vulnerability is patched, couple this with MS04-011 (the server patch), this shouldn't be an issue anymore...except for the stupid and lazy.
|
#2 By
7797 (63.76.44.86)
at
7/2/2004 2:48:41 PM
|
Cthulhu:
So far you STILL have not:
1) Posted any links in support to your claim that "hardly anyone" has applied MS04-011
2) Pointed out ANY features Firefox is missing over Internet Explorer.
3) Answered how many of your non-computer literate friends and family know how to keep their system secure, whether you do it for ALL of them, or if they should have to PAY someone to do it for them.
So, lots of hot air out of you.. nothing to back it up.
|
#3 By
2960 (68.101.39.180)
at
7/2/2004 4:02:18 PM
|
Parkker,
In the last few months, I have removed Spyware from approximately 425 client user computers using IE.
I have removed it from ZERO computers using Firefox only.
Security holes my Ass....
TL
|
#4 By
7797 (63.76.44.86)
at
7/2/2004 4:09:50 PM
|
"You have to do a new install every 2 weeks just to keep up with the security holes."
Not true! FUD
"Now that you have to reboot Linux every 3-4 weeks just to keep up with security holes in the kernel "
Not true! FUD
" and more often to keep up other OSS security holes"
Not true! FUD
"the Firefox team has gone to a twice-a-month release schedule for bug and security fixes. "
Not true! FUD
"Nothing will make ordinary users tire of a product quicker than twice-a-month uninstall/download/install cyles. "
LOL you gotta be kidding. Of course Microsoft adopted a once a month patch cycle because people got tired of plugging holes every week leaving system admins unable to keep up.
This post was edited by tgnb on Friday, July 02, 2004 at 16:18.
|
#5 By
7797 (63.76.44.86)
at
7/2/2004 4:16:02 PM
|
"I have removed it from ZERO computers using Firefox only."
I can hear parkker's response already:
"Thats because there were ZERO computers using Firefox only"
...with a link to google's zeitgeist somewhere. ROFLMAO
This post was edited by tgnb on Friday, July 02, 2004 at 16:16.
|
#6 By
7797 (63.76.44.86)
at
7/2/2004 4:49:11 PM
|
Parkker this doesn't support your claim that they have "gone to a twice-a-month release schedule for bug and security fixes." yeah there was a 0.9 and a 0.9.1 that followed it. But this isnt the norm nor is it expected for the future. Otherwise we'd already have a 0.9.2
FUD FUD FUD!
This post was edited by tgnb on Friday, July 02, 2004 at 16:50.
|
#7 By
6859 (206.156.242.36)
at
7/2/2004 5:01:29 PM
|
1) Posted any links in support to your claim that "hardly anyone" has applied MS04-011
2) Pointed out ANY features Firefox is missing over Internet Explorer.
3) Answered how many of your non-computer literate friends and family know how to keep their system secure, whether you do it for ALL of them, or if they should have to PAY someone to do it for them.
(1) I don't have to post a link. The proof is in the sheer number of affected IIS running servers on the Internet. There's so many of them, that by comparison, there apparently were "hardly anyone" installed the patch. Had they chosen (universally) to do so, this issue would never have come up.
(2) In order to get Firefox up to IE's capabilities would require a dramatic rewrite of code. I'm not even going to bother pointing out all the things that are different between them. Base browsing functionality, notwithstanding. IE is part and parcel of the OS now, like it or not. That gives IE functionality that Firefox, even at version 10.0 they couldn't match. Believe it or not being part os the OS is not entirely a handicap in all things. Sure, it sucks as an exploit/vuln has direct access to the underlying OS at that point, but the benefits for programmers and developers outweigh the downside by many times. Ask your friendly neighborhoos ASP programmer. They'll let you know.
(3) How do they keep their systems up to date? It's called Automatic Update. You can set it up on any Windows machine. Perhaps you've heard of it?
I didn't answer you because your points against me were nothing of consequence. Had you acutally chosen to look up the answers yourself you'd know. You seem to like namecalling. We all have our little delusions, don't we...far be it from me to take away yours.
|
#8 By
7797 (63.76.44.86)
at
7/2/2004 5:25:59 PM
|
"(1) I don't have to post a link. The proof is in the sheer number of affected IIS running servers on the Internet. There's so many of them, that by comparison, there apparently were "hardly anyone" installed the patch. Had they chosen (universally) to do so, this issue would never have come up. "
a) you cant provide a link because such a link doesnt exist
b) you talk and talk about the "sheer" number yet i haven't seen one story that mentions how many were really infected. Show me the numbers baby. You made the claim and are unable to back it up with ONE measly link!
c) reportedly servers were compromised that were fully patched!
"The Storm Center and others are still investigating the method used to compromise the servers. Several server administrators reported that they were fully patched."
http://isc.sans.org/diary.php?date=2004-06-24
"(2) In order to get Firefox up to IE's capabilities would require a dramatic rewrite of code. I'm not even going to bother pointing out all the things that are different between them. Base browsing functionality, notwithstanding. IE is part and parcel of the OS now, like it or not. That gives IE functionality that Firefox, even at version 10.0 they couldn't match. Believe it or not being part os the OS is not entirely a handicap in all things. Sure, it sucks as an exploit/vuln has direct access to the underlying OS at that point, but the benefits for programmers and developers outweigh the downside by many times. Ask your friendly neighborhoos ASP programmer. They'll let you know. "
A lot more hot air yet you FAILED to mention just 1 single feature of Internet Explorer that Firefox lacks.
"(3) How do they keep their systems up to date? It's called Automatic Update. You can set it up on any Windows machine. Perhaps you've heard of it?"
My question wasnt how they keep their systems up to date. My question was how they keep their system secure. This is distinctively different because as we saw, even computers that were fully up to date were still vulnerable to attack unless manual steps were taken to change IE settings. Manual steps that a non-computer literate user most likely wouldnt know how to. You're not claiming that none of these family and friends of yours never ever got infected with a spyware or virus, are you? So their systems are always secured, and they did it all by themselves even though they aren't computer literate? (remembery i asked about the non-computer literate friends and family of yours). Did ALL of them have windows update set to automatically update? ALL OF THEM?
This post was edited by tgnb on Friday, July 02, 2004 at 17:30.
|
#9 By
6859 (206.156.242.36)
at
7/2/2004 6:02:02 PM
|
Nobody knows how many machines are infected. Repeat: nobody. There's no way to tell OTHER than to look at the propogation of the malicious code itself. There's a lot of machines out there that are spreading this, and they all can't have been hacked--which is what I bet happened. Recall that there (on your own link) are mentionings of Russian hacking of root DNS, which I am willing to bet is being done by (a) the same person(s) or an affilliated and friendly group. The fact that the main computer causing the issue is Russian and that the current .ORG DNA hacking is being done by Russians is not a coincidence.
Some of the machines I would be are compromised via direct hacking. "Fully patched". Yeah, ok. Personally, I think they're on drugs since you aren't fully patched just because the Add/Remove programs icon lists the KB and Q number as installed. You have to verify the DLL version number--on a server that's important. Remember the RPC problem of a while ago? People said they were patched, but the DLL didn't "hold" (if that makes any sense.) That I blame squarely on MS for a faulty installer. (Frankly, I don't know if they fixed it since then, but I did let them know about the issue.)
People can report that they're fully patched or compliant to save their jobs, but that doesn't make it true. The only way to know is if there was an actual accounting of the versions of the DLLs on the infected machines. So you have no choice but to ignore those statements until proof positive comes to light.
Since you're still yapping about my point #2, yet didn't apparently read my response, or failed to understand it when I wrote it, I'm going to skip your statement on that, except to say that IE, as part of the OS, has "hooks" into the underlying OS that Firefox does not have--thus giving enhanced functionality that a third-party developer could not know about because MS doesn't let that proprietary information become available--how else do you think that Office works so well with Windows? Clearly, MS doesn't have the only good programmers in the world.
How do they keep their systems secure? That's simple: they follow good guidelines.
(1) Turn on ICF or install a freeware firewall like Zone Alarm
(2) Create a user account that isn't "administrator" or that level and use that account for everything
(3) install antivirus and keep it up to date.
(4) Turn on automatic updates and have it set to install automatically without user intervention.
(5) Keep the computer off when not in use.
I didn't teach them these things, they just follow them. Even the most clueless person I know does this.
|
#10 By
7797 (68.142.9.161)
at
7/2/2004 7:05:15 PM
|
"Nobody knows how many machines are infected. Repeat: nobody."
Aha. So you admit that you pulled your original statement out of your ass! Glad thats settled then!
"except to say that IE, as part of the OS, has "hooks" into the underlying OS that Firefox does not have--thus giving enhanced functionality that a third-party developer could not know about because MS doesn't let that proprietary information become available"
I admit i didnt quite understand what you meant in the first post. Maybe it's because we have a different opinion about whether or not thats a feature. I would call that illegaly using a monopoly in windows to block competition.
"Even the most clueless person I know does this."
That can only mean a couple of things:
1) you dont know very many people
2) you are lying
I think anyone on this forum can make their own judgement on whether they should believe you that ALL your non computer literate friends and family knows to take all these steps you mentioned on their own in order to stay secure.
|
#11 By
2459 (69.22.124.228)
at
7/2/2004 7:19:17 PM
|
"except to say that IE, as part of the OS, has "hooks" into the underlying OS that Firefox does not have--thus giving enhanced functionality that a third-party developer could not know about because MS doesn't let that proprietary information become available"
I admit i didnt quite understand what you meant in the first post. Maybe it's because we have a different opinion about whether or not thats a feature. I would call that illegaly using a monopoly in windows to block competition.
For the most part I'd call it being a COM host, something other browsers could do if they implemented COM. Other browsers will have the similar limitations compared to IE with Avalon if they choose to also not to take advantage of that platform service.
|
#12 By
2332 (65.221.182.2)
at
7/3/2004 3:17:54 AM
|
Parkker, give it up... you've been repeatedly shown to be completely wrong on this. Pick your battles.
|
#13 By
135 (208.186.90.168)
at
7/3/2004 11:25:52 AM
|
I guess I still haven't been hit by this mystery worm.
Nor do I get spyware.
Where do you people come up with these accusations?
|
#14 By
2332 (65.221.182.2)
at
7/3/2004 12:29:37 PM
|
#33 - What the hell are you talking about?
I never said anything about you being wrong to quote anything.
What I'm saying is that it is very clear that Firefox is a safer browser to use than IE. I've already repeatedly stated why this is the case. You continue to either miss the point or ignore the point.
If you want to continue to use IE, fine. But don't try and get other people to assume the same risks you do simply for some misguided ideological quest.
There are plenty of anti-MS arguments that are illogical or invalid that you can attack. This, however, is not one of them. IE is a piece of junk.
|
#15 By
23275 (68.17.42.38)
at
7/4/2004 9:02:22 PM
|
Perhaps the first thing is to point out that not just individual criminals are behind these activities, but organized groups of criminals who have made theft of resources, identities and individual assets their business model. Aggressive policing and prosecution is essential and justifies our collective anger and disdain - not software companies.
The second thing is the responsibility any one of us has when we place a server on the public networks - securing one is not that difficult - a 1500.00 Watch Guard in routed mode with a one to one NAT configuration would be enough. There really is no excuse in that regard and it needs to be regarded as negligent to not take some kind of appropriate action to protect such resources.
Finally, there is individual responsibility - where a modern PC needs to be regarded in the same context as operating any vehicle on the public roadways - beginning with a bicycle and all the way up to a fleet of trucks. I mean seriously, not one among us does not know where our vehicles are pointed and will likely go...we need to educate users and require some conformance to standards.
ISP's need to take responsibility, too and monitor and restrict hostile traffic and be far more responsive to users requesting information and action.
How we can expect Microsoft, the NCSA, Mozilla, or any person in the OSS community to continue to carry all of this on their own is simply not consistent with any sense of what is right. We all need to step up and help all we can. As an organization we have taken on the very costly process of hardening every system we come across - paying for the software as required. It is that serious - these criminals and the threat they pose. It is time all who know, help out and permanently solve this problem. Thanks for the ear.
|
|
|
|
|