As Usual, Your MS Based Platform Is Once Again Critically Vulnerable.

[Barney Fife]

According to McAfee Security briefing:

Microsoft has released a patch to address a critical remote-code-execution vulnerability in Microsoft Internet Explorer. The MS08-078 bulletin (Microsoft Internet Pointer Reference Memory Corruption Vulnerability) addresses the vulnerability for Microsoft Internet Explorer versions 5.01, 6, 7, and 8 Beta 2 running on Windows 2000 SP4, XP SP3, Server 2003 SP1, Vista SP1 and certain Server 2008 configurations.

Main threat sources: E-Mail; Locally logged-on user; Web and the threat level is critical.
On December 17, Microsoft released a patch to address this issue: KB960714.

The General risks consists of: Access and potential theft of personal data, Personal pass code access and theft.
A vulnerable Microsoft Internet Explorer may allow remote code execution. Exploitation would require users to visit a website that has specially crafted, nested XML tags.
Potential is high for infected users to experience the access and possible theft of personal information and data.
To ensure the best protection, McAfee advises you to download the latest MSFT patch for this Internet Explorer vulnerability.

What your looking for is Patch "KB960714"
To make sure you are up to date and got the patch: Go into "Add/Remove Programs, On the top of the Add/Remove dialog select "Show Updates" and look for the patch. It should have the patch number KB960714.

Update your Systems ASAP. This is serious; all you have to do is visit infected web-page and your system becomes puppet.

Good Luck.
Happy Holidays. :cheers:

 

[Iced_Eagle]

If you have your settings as default, you are already automatically patched by WU.

Just go run Windows Update, and install any updates it offers and you're good to go.

 

[PimpinPenguin]

Don't care since i use Firefox, so i was never vulnerable.

 

[Dog--]

*high fives Pimpin*

 

[Barney Fife]

If you have your settings as default, you are already automatically patched by WU.

Just go run Windows Update, and install any updates it offers and you're good to go.

True, but its never a mistake to check that you are covered. Statistics show about 40% of PC users aren't up to SP3. And by default, WU actually rely on user to install updates after DL. I have seen many people watching WU-shield on Task-Bar, day in and day out, not knowing what it is for.
And in a security briefing, one must not assume eveyone knows how to protect against a threat. Also WU does not check updates on daily basis unless user sets it to do so.

Take Care.

Don't care since i use Firefox, so i was never vulnerable.

Just because you are using a browser other than IE doesn't make you shielded from threats. I use Safari and I also use IE on the side at places where Safari isn't compatible.
Never say Never, as long as you're PC based; you are vulnerable.

Take care.

 

[PimpinPenguin]

Just because you are using a browser other than IE doesn't make you shielded from threats. I use Safari and I also use IE on the side at places where Safari isn't compatible.
Never say Never, as long as you're PC based; you are vulnerable.

Aye, i know by using Windows i'm still vulnerable to threats. I was just saying that i'm invulnerable to IE based threats cause i don't use IE at all. The only time i ever used IE on my PC was to get Firefox.