Welcome to BrightSite by bright.net Internet Services
bright.net Anti-Virus Page
Navigation
Recent Entries
¤ "Fake Antivirus" - Removal Tool Now Available
¤ Scheduled Maintenance - Scam Message
¤ XP Antivirus 2008 - Trojan
¤ MSNBC Spam
¤ CNN Scam Mail
¤ View All
¤ Scheduled Maintenance - Scam Message
¤ XP Antivirus 2008 - Trojan
¤ MSNBC Spam
¤ CNN Scam Mail
¤ View All
Links
Antivirus Programs
¤ Avast Antivirus
¤ AVG - Free Anti-Virus
¤ Avira AntiVir
Information
¤ Syamantec Virus Info
¤ Unwantedlinks.com
¤ Virus Encyclopedia
¤ Virus Hoax
Misc/Patches
¤ Mozilla Firefox (Browser)
¤ Sasser Patch - 2000/XP
¤ Zobot Patch
Removal Tools
¤ Avast! Removal Tool
¤ Beagel Removal
¤ Mytob Removal Tool
¤ Netsky Fix Tool
¤ Sasser Removal Tool
¤ Sober (Choose version)
¤ Sober.C Removal (NEW)
¤ Sober.X Removal
¤ Stinger - Virus Removal Tool
¤ Virus Removal Tool List
¤ Virus Utilities
¤ Zobot Removal Tool
Spyware Removal
¤ Ad-Aware
¤ CW Shredder
¤ Hijackthis
¤ Malwarebytes
¤ SpyBot - Search & Destroy
¤ Windows Defender
¤ Avast Antivirus
¤ AVG - Free Anti-Virus
¤ Avira AntiVir
Information
¤ Syamantec Virus Info
¤ Unwantedlinks.com
¤ Virus Encyclopedia
¤ Virus Hoax
Misc/Patches
¤ Mozilla Firefox (Browser)
¤ Sasser Patch - 2000/XP
¤ Zobot Patch
Removal Tools
¤ Avast! Removal Tool
¤ Beagel Removal
¤ Mytob Removal Tool
¤ Netsky Fix Tool
¤ Sasser Removal Tool
¤ Sober (Choose version)
¤ Sober.C Removal (NEW)
¤ Sober.X Removal
¤ Stinger - Virus Removal Tool
¤ Virus Removal Tool List
¤ Virus Utilities
¤ Zobot Removal Tool
Spyware Removal
¤ Ad-Aware
¤ CW Shredder
¤ Hijackthis
¤ Malwarebytes
¤ SpyBot - Search & Destroy
¤ Windows Defender
Virus News
Two New Vulnerabilities
Microsoft has published two advisories describing new vulnerabilities that pose a potential threat to Windows and Internet Explorer users. One of them is potentially critical and reminiscent of the recent WMF flaws, which brought Microsoft so much negative publicity over the festive period.
According to Microsoft, the new WMF vulnerability only affects computers running older versions of Internet Explorer and Windows. Program versions affected are Internet Explorer 5.01 Service Pack 4 running on Microsoft Windows 2000 Service Pack 4 and Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium. All other versions are safe. In vulnerable systems, however, arbitrary code could be executed and full control gained by a malicious user through specially crafted WMF images.
The method of attack is extremely similar to that involved in the previous WMF vulnerability. Users need only to view a compromised image on their computer, either by visiting a compromised website or opening a specially crafted email attachment. However, due to the relative infrequency of affected product combinations this problem is unlikely to be widespread. Currently Microsoft recommends users to upgrade to Internet Explorer 6 Service Pack 1, but does not rule out issuing a patch in the future.
The second vulnerability involves potential elevation of privileges by a malicious user in Windows XP Service Pack 1 and Windows Server 2003 through overly permissive access controls. Microsoft recommends users to download the latest patches, which solve this issue. The company states that it is currently unaware of any attacks which exploit this vulnerability.
According to Microsoft, the new WMF vulnerability only affects computers running older versions of Internet Explorer and Windows. Program versions affected are Internet Explorer 5.01 Service Pack 4 running on Microsoft Windows 2000 Service Pack 4 and Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium. All other versions are safe. In vulnerable systems, however, arbitrary code could be executed and full control gained by a malicious user through specially crafted WMF images.
The method of attack is extremely similar to that involved in the previous WMF vulnerability. Users need only to view a compromised image on their computer, either by visiting a compromised website or opening a specially crafted email attachment. However, due to the relative infrequency of affected product combinations this problem is unlikely to be widespread. Currently Microsoft recommends users to upgrade to Internet Explorer 6 Service Pack 1, but does not rule out issuing a patch in the future.
The second vulnerability involves potential elevation of privileges by a malicious user in Windows XP Service Pack 1 and Windows Server 2003 through overly permissive access controls. Microsoft recommends users to download the latest patches, which solve this issue. The company states that it is currently unaware of any attacks which exploit this vulnerability.
February 8th, 2006
bright.net does not support nor endorse these programs but have found some of them helpful. Many of the programs and links found on this page are for third-party applications and are to be used at your own risk. Should you encounter problems with the tools, you may need to consult a computer technician for further assistance.