Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • December 05, 2016, 06:32:20 AM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Patch for new Critical Windows Flaw (MS07-061)  (Read 3409 times)

Ralf Maximus

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 927
    • View Profile
    • Read more about this member.
    • Donate to Member
Patch for new Critical Windows Flaw (MS07-061)
« on: November 15, 2007, 08:51:21 AM »
As queasy as I get whenever I run Windows Update nowadays, I think I'll do so for this one:

Quote
A remote code execution vulnerability exists in the way that the Windows shell handles specially crafted URIs that are passed to it. If the Windows shell did not sufficiently validate these URIs, an attacker could exploit this vulnerability and execute arbitrary code. Microsoft has only identified ways to exploit this vulnerability on systems using Internet Explorer 7. However, the vulnerability exists in a Windows file, Shell32.dll, which is included in all supported editions of Windows XP and Windows Server 2003.

My understanding is that this flaw has already been exploited in the wild, and has nasty consequences.  Theoretically an evildoer could execute *anything* on a compromised Windows workstation.

Windows NT, 2000, and Vista users: you're safe.

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Patch for new Critical Windows Flaw (MS07-061)
« Reply #1 on: November 15, 2007, 09:01:55 AM »
Yeah, I installed this yesterday and so far (Darwin raps his knuckles on his forehead) no problems to report  :D
"Some people have a way with words, other people,... oh... have not way" - Steve Martin

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 7,986
    • View Profile
    • Dales Computer Services
    • Donate to Member
Re: Patch for new Critical Windows Flaw (MS07-061)
« Reply #2 on: November 15, 2007, 09:11:17 AM »
Ditto

AndyM

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 616
    • View Profile
    • Donate to Member
Re: Patch for new Critical Windows Flaw (MS07-061)
« Reply #3 on: November 15, 2007, 12:31:50 PM »

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Patch for new Critical Windows Flaw (MS07-061)
« Reply #4 on: November 15, 2007, 12:56:13 PM »
check out

http://www.askwoody....ents.php?newsid=1763

Great. Thanks for alerting us. Thankfully, this isn't an issue for me... but still...
"Some people have a way with words, other people,... oh... have not way" - Steve Martin