Windows 7 to hit consumers with known security problem

[Abarbarian]

Might not be that important for single pc users. It is still a security risk that ain't been fixed or advertised by MS.

http://fsfe.org/news/2009/news-20091019-01.en.html

"Server Message Block (SMB) is a protocol which enables shared access to printers and files. SMB2 is a new version of this protocol, which was introduced with Windows Vista and Windows Server 2008, and which is also available on Windows 7. Current implementations of SMB2 are affected by this vulnerability. This is a new vulnerability, not the one described in Microsoft Security Advisory 975497. The listed operating systems can therefore still be successfully attacked even after installation of the updates of Microsoft's October patchday (MS09-050).

Currently there is no update or patch available from the vendor. The only recommended actions are to be aware of and track the vulnerability. As a workaround it can only be recommended to limit access to SMB2 servers to trusted systems by firewalls, or to disable the SMB2 service."

***********************************************


Mozilla blocks Microsoft's buggy Firefox plugin




http://www.techworld.com.au/article/322568/mozilla_blocks_microsoft_buggy_firefox_plugin




"Robert McMillan (IDG News Service) 18/10/2009 05:05:00
Tags: security, mozilla, Microsoft, firefox, exploits and vulnerabilities

Have your say!0
Mozilla developers have blocked a Firefox plugin that was quietly pushed out by Microsoft, saying that it presents a security risk.

Microsoft shipped the Firefox add-on as part of a .Net software update last February, causing outrage among some Firefox users, who complained that the software was sneaked onto their systems without their knowledge or approval and was extremely difficult to remove.

On Tuesday, Microsoft warned that Firefox users who have not applied a recent Internet Explorer patch were vulnerable to a "browse-and-get-owned attack" because of a bug in the Microsoft .Net Framework Assistant add-on."




So it took from February to October for MS to find and issue a fix, sounds dodgy to me.

 

[APK]

Couple ways to "work around" this... apk

Per my subject-line above:

#1: Go to your Windows "Advanced Firewall rules table" -> %windir%\system32\WF.msc

& add in these 4 rules into the OUTBOUND rules section:

Stop port 139 outbound on TCP
Stop port 445 outbound on TCP

&

Stop port 139 outbound on UDP
Stop port 445 outbound on UDP

(4 rules you will have to make, in total)

* This is what stops it from SENDING OUTBOUND (which is, part of the problem here, & what causes this vulnerability...)

#2: You MAY wish to create INBOUND rules as well, but, if you are part of a network that utilizes SMB fileshares/diskshares/foldershares, then, it may NOT be in your best interests to do so (for instance if you are part of a LAN/WAN, this is not for you, as you need those ports &/or services up & running to do file/folder/disk/print sharing)

APK

P.S.=> The server service, in services.msc, is another avenue to protect yourself from this, as it (along with File/Folder & Print sharing in your NETWORK CONNECTION are what allow this, alongside the Client for Microsoft Networks as well), & setting SERVER disabled, alongside the Client for Microsoft Networks + File/Folder & Print sharing being disabled in your NETWORK CONNECTION also AND stalling out the NetBIOS over TCP/IP service as well in services.msc...apk

 

[APK]

To verify my last post above? A link/url @ Microsoft... apk

http://www.microsoft.com/technet/security/advisory/977544.mspx

See that page @ Microsoft folks, in regards to setting firewall rules to stall this security vulnerability... it pretty much verifies what I stated above, & I like to post that type of information so others can get actual verification of what I wrote.

APK

P.S.=> That link above from MS goes into a LOT more detail than I do above, AND, it also verifies what I stated above as well (just for reference from "the horses' mouth @ MS" basically)... apk