[es] - Internet Explorer 7,8,9 pod napadom

Vodomar

Član broj: 145510
Poruke: 288

+37 Profil

^{18.09.2012. u 12:34 - pre 141 meseci}

Imamo novi 0-day napad na IE od autora koji su prethodnih nedelja napadali javu.

Naravno nadam se da ne koristite IE već Google Chrome eventualno Firefox.

Ipak,ovaj tekst na Ars Technici ima jedan značajan citat:

Citat:

Even when people don't actively use IE, many utilities and third-party applications make use of IE code. That opens the possibility that people on public WiFi systems and other unsecured networks could inject malicious code into a victim's Web traffic in an attempt to exploit the vulnerability.

"Just keep in mind that even if you don't use IE for day-to-day browsing, a lot of tools you use do embed IE and those are vulnerable," Moore said

.

Microsoft je noćas objavio Microsoft Security Advisory (2757760) obratite pažnju na sekciju Suggested Actions.

If you didn't go looking for it, don't install it. If you do install it, make sure you update it. And if
you no longer need it, remove it.

Goran Mijailovic

Član broj: 12684
Poruke: 6907

+437 Profil

Re: Internet Explorer 7,8,9 pod napadom

^{18.09.2012. u 13:26 - pre 141 meseci}

Citat:

Suggested Actions

Apply Workarounds

Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. See the next section, Workarounds, for more information.Deploy the Enhanced Mitigation Experience Toolkit

Enhanced Mitigation Experience Toolkit (EMET) is a utility that helps prevent vulnerabilities in software from successfully being exploited by applying in-box mitigations such as DEP to applications configured in EMET.

At this time, EMET is provided with limited support and is only available in the English language. For more information, see Microsoft Knowledge Base Article 2458544.

Configure EMET for Internet Explorer from the EMET user interface

To add iexplore.exe to the list of applications using EMET, perform the following steps:

Click Start, All Programs, Enhanced Mitigation Experience Toolkit, and EMET 3.0.
Click Yes on the UAC prompt, click Configure Apps, then select Add. Browse to the application to be configured in EMET.

For 32-bit installations of Internet Explorer the location is:
C:\Program Files (x86)\Internet Explorer\iexplore.exe

Note For 32-bit systems, the path is c:\program files\Internet Explorer\iexplore.exe

For 64-bit installations of Internet Explorer the location is:
C:\Program Files\Internet Explorer\iexplore.exe
Click OK and exit EMET.

Download:
Enhanced Mitigation Experience Toolkit v3.0
http://www.microsoft.com/en-us/download/details.aspx?id=29851

Enhanced Mitigation Experience Toolkit v3.5 Tech Preview
http://www.microsoft.com/en-us/download/details.aspx?id=30424

Vodomar

Član broj: 145510
Poruke: 288

+37 Profil

Re: Internet Explorer 7,8,9 pod napadom

^{18.09.2012. u 17:11 - pre 141 meseci}

Ovaj EMET je lepa stvarčica i pod njegovu zaštitu sam stavio sve .exe fajlove programa koji imaju internet pristup:pretraživače,playere,flash,javu(dok sam je imao),office programe,mail klijent(dok sam ga imao),uTorrent,pdf viewer...

If you didn't go looking for it, don't install it. If you do install it, make sure you update it. And if
you no longer need it, remove it.

Vodomar

Član broj: 145510
Poruke: 288

+37 Profil

Re: Internet Explorer 7,8,9 pod napadom

^{20.09.2012. u 00:15 - pre 141 meseci}

FIX IT!

Microsoft Security Advisory: Vulnerability in Internet Explorer could allow remote code execution
http://support.microsoft.com/kb/2757760

zvanični Update u petak

If you didn't go looking for it, don't install it. If you do install it, make sure you update it. And if
you no longer need it, remove it.

jvcdrama

Član broj: 292288
Poruke: 45
*.dynamic.isp.telekom.rs.

+20 Profil

Re: Internet Explorer 7,8,9 pod napadom

^{20.09.2012. u 02:09 - pre 141 meseci}

Citat:

Vodomar:
Ovaj EMET je lepa stvarčica i pod njegovu zaštitu sam stavio sve .exe fajlove programa koji imaju internet pristup:pretraživače,playere,flash,javu(dok sam je imao),office programe,mail klijent(dok sam ga imao),uTorrent,pdf viewer...

A sta radis sa sajtevima i ostalim glupostima koji ne sljakaju bez jave? Interesuje me jer me opasno smara ta java i imam osecaj da losije radi racunar sa njom.. Mozda je glupo pitanje, al ko pita ne skita :)

Vodomar

Član broj: 145510
Poruke: 288

+37 Profil

Re: Internet Explorer 7,8,9 pod napadom

^{20.09.2012. u 08:26 - pre 141 meseci}

vidi temu Vanredni Java update prvi post.

If you didn't go looking for it, don't install it. If you do install it, make sure you update it. And if
you no longer need it, remove it.

Goran Mijailovic

Član broj: 12684
Poruke: 6907

+437 Profil

Re: Internet Explorer 7,8,9 pod napadom

^{20.09.2012. u 16:26 - pre 141 meseci}

Sta rade ova dva Fix It-a?

Vodomar

Član broj: 145510
Poruke: 288

+37 Profil

Re: Internet Explorer 7,8,9 pod napadom

^{21.09.2012. u 14:49 - pre 141 meseci}

zaštita procesa bez emeta i podešavanje internet zona bez korisnika ali sačekaću update verovatno večeras posle 19h

If you didn't go looking for it, don't install it. If you do install it, make sure you update it. And if
you no longer need it, remove it.

Vodomar

Član broj: 145510
Poruke: 288

+37 Profil

Re: Internet Explorer 7,8,9 pod napadom

^{21.09.2012. u 18:30 - pre 141 meseci}

Microsoft Security Bulletin MS12-063 - Critical
Cumulative Security Update for Internet Explorer (2744842)

proverite Windows Update

i time je ova tema završena.

If you didn't go looking for it, don't install it. If you do install it, make sure you update it. And if
you no longer need it, remove it.