Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • December 12, 2017, 04:02 PM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Patch for new Critical Windows Flaw (MS07-061)  (Read 3680 times)

Ralf Maximus

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 927
    • View Profile
    • Read more about this member.
    • Donate to Member
Patch for new Critical Windows Flaw (MS07-061)
« on: November 15, 2007, 08:51 AM »
As queasy as I get whenever I run Windows Update nowadays, I think I'll do so for this one:

A remote code execution vulnerability exists in the way that the Windows shell handles specially crafted URIs that are passed to it. If the Windows shell did not sufficiently validate these URIs, an attacker could exploit this vulnerability and execute arbitrary code. Microsoft has only identified ways to exploit this vulnerability on systems using Internet Explorer 7. However, the vulnerability exists in a Windows file, Shell32.dll, which is included in all supported editions of Windows XP and Windows Server 2003.

My understanding is that this flaw has already been exploited in the wild, and has nasty consequences.  Theoretically an evildoer could execute *anything* on a compromised Windows workstation.

Windows NT, 2000, and Vista users: you're safe.

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: Patch for new Critical Windows Flaw (MS07-061)
« Reply #1 on: November 15, 2007, 09:01 AM »
Yeah, I installed this yesterday and so far (Darwin raps his knuckles on his forehead) no problems to report  :D

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,014
    • View Profile
    • Donate to Member
Re: Patch for new Critical Windows Flaw (MS07-061)
« Reply #2 on: November 15, 2007, 09:11 AM »
Ditto

AndyM

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 616
    • View Profile
    • Donate to Member

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: Patch for new Critical Windows Flaw (MS07-061)
« Reply #4 on: November 15, 2007, 12:56 PM »
check out

http://www.askwoody....ents.php?newsid=1763

Great. Thanks for alerting us. Thankfully, this isn't an issue for me... but still...