Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

Fast spreading Windows virus already compromised millions of computers

[es] :: Advocacy :: Fast spreading Windows virus already compromised millions of computers

[ Pregleda: 3634 | Odgovora: 7 ] > FB > Twit

Postavi temu Odgovori

Autor

Pretraga teme: Traži
Markiranje Štampanje RSS

Body Bag
/dev/null

Član broj: 82460
Poruke: 565
77.46.247.*



+4 Profil

icon Fast spreading Windows virus already compromised millions of computers19.01.2009. u 13:43 - pre 184 meseci
http://blogs.zdnet.com/security/?p=2388

http://www.itproportal.com/art...ts-more-9-million-windows-pcs/

Nazdravlje :)
Cudno ja sam mislio da su ove mass epidemije na Windozama stvar proslosti kako se ovde svojevremeno tvrdilo :D
Ali ocigledno cika Bili jos uvek nije dovoljno okrpio svoje musicave proizvode ;)
Power of simplicity - http://www.archlinux.org



 
Odgovor na temu

Ivan Dimkovic

Administrator
Član broj: 13
Poruke: 16683
*.dip.t-dialin.net.



+7169 Profil

icon Re: Fast spreading Windows virus already compromised millions of computers19.01.2009. u 14:57 - pre 184 meseci
Pa kada ljudi nece da instaliraju update-ove.

Zakrpa za to je postojala vec 4 meseca, i onda je neko posle 4 meseca napravio exploit wow... mislim, sta reci - dakle, za svakoga sa ukljucenim update-om nije postojao ni miliseknud rizika :)

Iz ovoga se moze zakljuciti da je ljudskoj gluposti jednostavno nemoguce doskociti - koliko god neko servisirao OS, uvek ce biti dovoljno nepatch-ovanih racunara. Uzgred, propust je "critical" samo za Windows NT kernele pre verzije 6 (znaci XP, Server 2003 i sl... ne Vista i Server 2008)

Mozda je jedino resenje mandatory patch - znaci da OS odbija da se kaci na net ako nije up-to-date, tj. bar "desktop' verzije za neiskusne korisnike.

Citat:

Ali ocigledno cika Bili jos uvek nije dovoljno okrpio svoje musicave proizvode ;)


Kao sto mozes procitati, sistem je bio okrpljen 4 meseca pre exploita i nije postojao nikakav 0-day, ne znam o cemu pricas... Nije to Debian pa da generise 2 godine nesigurne SSL sertifikate dok neko ne provali :)

Uostalom, net je mesecima bio pun nesigurnih SSL kljuceva zbog te ingenioznosti u Debian-u i to je i te kako exploitano - sto samo znaci da imas budala i neznalica na svim OS-evima. Ljudska glupost nema granica, rekao davno jedan pametan covek.

DigiCortex (ex. SpikeFun) - Cortical Neural Network Simulator:
http://www.digicortex.net/node/1 Videos: http://www.digicortex.net/node/17 Gallery: http://www.digicortex.net/node/25
PowerMonkey - Redyce CPU Power Waste and gain performance! - https://github.com/psyq321/PowerMonkey
 
Odgovor na temu

ilijev
Tunguzija

Član broj: 11329
Poruke: 167
*.zrlocal.net.



+1 Profil

icon Re: Fast spreading Windows virus already compromised millions of computers22.01.2009. u 09:49 - pre 184 meseci
Cemu sluzi Security Release ISO Image koji se nalazi na MS sajtu?
Predpostavljam da se tu nalaze zakrpe!?
Poceo sam da skidam KB913086-200901.ISO velicine 1Gb.
Ne pise sta je u fajlu, a trebace mi 2h da skinem. Na masini vec imam instaliran SP3
Da li neko ima iskustva sa ovim?
 
Odgovor na temu

Catch 22

Član broj: 148083
Poruke: 6176
77.46.189.*



+21 Profil

icon Re: Fast spreading Windows virus already compromised millions of computers22.01.2009. u 16:38 - pre 184 meseci
Citat:
ilijev: Ne pise sta je u fajlu, a trebace mi 2h da skinem.


Citat:
Security Releases ISO Image Publisher's Description
Security Releases ISO Image - Security updates for Windows
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on November 11th, 2008

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on November 11th, 2008. November 2008 Security and Critical Releases ISO Image does not contain security updates for any other Microsoft products.

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on September 9th, 2008. The image does not contain security updates for other Microsoft products. This DVD5 ISO image is intended for administrators that need to download multiple individual language versions of each security update and that do not use an automated solution such as Windows Server Update Services (WSUS). You can use this ISO image to download multiple updates in all languages at the same time.

Important: Be sure to check the individual security bulletins at http://www.microsoft.com/technet/security prior to deployment of these updates to ensure that the files have not been updated at a later date.

This DVD5 image contains the following updates:
KB958644 / (MS08-067)
Windows 2000 - 24 languages
Windows Server 2003 - 18 languages
Windows Server 2003 x64 Edition - 11 languages
Windows Server 2003 for Itanium-based Systems - 4 languages

Windows XP - 24 languages
Windows XP x64 Edition - 2 languages
Windows Vista - 36 languages
Windows Vista for x64-based Systems - 36 languages
Windows Server 2008 - 19 languages
Windows Server 2008 x64 Edition - 19 languages
Windows Server 2008 for Itanium-based Systems - 4 languages

KB957097 / (MS08-068)
Windows 2000 - 24 languages
Windows Server 2003 - 18 languages
Windows Server 2003 x64 Edition - 11 languages
Windows Server 2003 for Itanium-based Systems - 4 languages
Windows XP - 24 languages
Windows XP x64 Edition - 2 languages
Windows Vista - 36 languages
Windows Vista for x64-based Systems - 36 languages
Windows Server 2008 - 19 languages
Windows Server 2008 x64 Edition - 19 languages
Windows Server 2008 for Itanium-based Systems - 4 languages

KB954459 / (MS08-069)
Windows XP - 24 languages
Windows Vista - 36 languages
Windows Vista for x64-based Systems - 36 languages
Windows Server 2008 - 19 languages
Windows Server 2008 x64 Edition - 19 languages
Windows Server 2008 for Itanium-based Systems - 4 languages

KB955069 / (MS08-069)
Windows 2000 - 24 languages
Windows Server 2003 - 18 languages
Windows Server 2003 x64 Edition - 11 languages
Windows Server 2003 for Itanium-based Systems - 4 languages
Windows XP - 24 languages
Windows XP x64 Edition - 2 languages
Windows Vista - 36 languages
Windows Vista for x64-based Systems - 36 languages
Windows Server 2008 - 19 languages
Windows Server 2008 x64 Edition - 19 languages
Windows Server 2008 for Itanium-based Systems - 4 languages

Requirements:

- Windows 2000 Service Pack 4; Windows Server 2003 Service Pack 1; Windows Server 2003 Service Pack 1 for Itanium-based Systems; Windows Server 2003 Service Pack 2; Windows Server 2003 Service Pack 2 for Itanium-based Systems; Windows Server 2003 Service Pack 2 x64 Edition; Windows Server 2008; Windows Vista; Windows Vista 64-bit Editions Service Pack 1; Windows Vista Business 64-bit edition; Windows Vista Enterprise 64-bit edition; Windows Vista Home Basic 64-bit edition; Windows Vista Home Premium 64-bit edition; Windows Vista Service Pack 1; Windows Vista Ultimate 64-bit edition; Windows XP Professional x64 Edition ; Windows XP Service Pack 2; Windows XP Service Pack 3

 
Odgovor na temu

EArthquake

Član broj: 20684
Poruke: 884
*.eunet.rs.



+67 Profil

icon Re: Fast spreading Windows virus already compromised millions of computers23.01.2009. u 19:42 - pre 184 meseci
to je onaj ms08-067 bug ?

interesantna stvarcica , ako je to to , u istom pacetu koda koje je bilo exploitano pre,cini mi se , dve godine

cak nije ni morao da se pise novi exploit , mala modifikacija starog
prvi eksploit je bio gotov u roku od par sati , a dva dana kasnije je bio dostupan metasploit modul za isti

nije me mrzelo da ih potrazim :)

stari exploit:
http://metasploit.com/svn/fram...windows/smb/ms06_040_netapi.rb

novi:
http://metasploit.com/svn/fram...windows/smb/ms08_067_netapi.rb


prilicno interesantan bug , prilicno straightforward za exploitovanje , ali nije bio primecen , definitivno nije pronadjen fuzzerom (pretpostavka)


naravno , bio je patchovan odmah , pravo je cudo doduse sto se tek sad pojavio worm , ocekivao sam ga mnogo ranije

nije MS kriv windowsasima koji ne patchuju masine ...
 
Odgovor na temu

Body Bag
/dev/null

Član broj: 82460
Poruke: 565
79.101.92.*



+4 Profil

icon Re: Fast spreading Windows virus already compromised millions of computers25.01.2009. u 12:22 - pre 184 meseci
Citat:
Ivan Dimkovic:Uzgred, propust je "critical" samo za Windows NT kernele pre verzije 6 (znaci XP, Server 2003 i sl... ne Vista i Server 2008)


Ma samo za XP,sitnica jedna-svega otprilike 70% trzista :D
Power of simplicity - http://www.archlinux.org



 
Odgovor na temu

Ivan Dimkovic

Administrator
Član broj: 13
Poruke: 16683
*.nyc.biz.rr.com.



+7169 Profil

icon Re: Fast spreading Windows virus already compromised millions of computers25.01.2009. u 13:17 - pre 184 meseci
Nebitno, propust je patchovan 4 meseca pre pojave tog virusa i nije postojao nikakav 0-day.

Sa stanovista odrzavanja softvera, Microsoft je odradio svoj posao - niko ko je koristio preporucenu konfiguraciju Windowsa nije bio ugrozen ni za milisekund.

E, sad, to sto ima N miliona pavijana koji ne odrzavaju svoj sistem to je vec tuzna istina, ali sta da se radi.
DigiCortex (ex. SpikeFun) - Cortical Neural Network Simulator:
http://www.digicortex.net/node/1 Videos: http://www.digicortex.net/node/17 Gallery: http://www.digicortex.net/node/25
PowerMonkey - Redyce CPU Power Waste and gain performance! - https://github.com/psyq321/PowerMonkey
 
Odgovor na temu

Catch 22

Član broj: 148083
Poruke: 6176
91.150.99.*



+21 Profil

icon Re: Fast spreading Windows virus already compromised millions of computers26.01.2009. u 00:10 - pre 184 meseci
Citat:
Body Bag: Ma samo za XP,sitnica jedna-svega otprilike 70% trzista :D

Treba valda nekako da se ubedi taj ogroman broj korisnika da je XP penzionisan i da je vreme da predju na aktuelni OS.
;)

PS
Ako bi postojao idiot-proof OS virusa ne bi ni bilo.
 
Odgovor na temu

[es] :: Advocacy :: Fast spreading Windows virus already compromised millions of computers

[ Pregleda: 3634 | Odgovora: 7 ] > FB > Twit

Postavi temu Odgovori

Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.