Re: New IE zero day exploit in the wild

Tue, 07 Jul 2009 09:41:15 -0700 

I'm just pushing out the .reg file in the login script:

     regedit /s \\fileserver\public\patches\videokillbits.reg

The file was easy to create, in a capable editor (not notepad or
wordpad) that allows metacharacter search and replace, such as '\n'
for CRLF and '\t' for tab. I used the ancient, no-longer-supported
PFE32. I really should switch to VIM, I suppose.

On Tue, Jul 7, 2009 at 08:40, Eric
Wittersheim<[email protected]> wrote:
> I'm pushing out the .reg via GP.  So far so good.
>
> On Tue, Jul 7, 2009 at 10:38 AM, David Lum <[email protected]> wrote:
>>
>> The “Microsoft fix-it” is an MSI that I am pushing via SMS and is pushing
>> fine (so far just a few test cases have it, but no issues). Beats trying to
>> push out a .REG or something…
>>
>>
>>
>> David Lum // SYSTEMS ENGINEER
>> NORTHWEST EVALUATION ASSOCIATION
>> (Desk) 971.222.1025 // (Cell) 503.267.9764
>>
>>
>>
>>
>>
>>
>>
>> From: J Kyo [mailto:[email protected]]
>> Sent: Tuesday, July 07, 2009 8:18 AM
>> To: NT System Admin Issues
>> Subject: Re: New IE zero day exploit in the wild
>>
>>
>>
>> Curious if anyone has used the "Microsoft Fix It" from:
>> http://support.microsoft.com/kb/972890.
>>
>> On Mon, Jul 6, 2009 at 6:24 PM, Carl Houseman <[email protected]>
>> wrote:
>>
>> Recommendation from MS is to set the killbits everywhere.
>>
>>
>>
>> http://www.microsoft.com/technet/security/advisory/972890.mspx
>>
>>
>>
>> Carl
>>
>>
>>
>> From: Ken Schaefer [mailto:[email protected]]
>> Sent: Monday, July 06, 2009 9:06 PM
>>
>> To: NT System Admin Issues
>>
>> Subject: RE: New IE zero day exploit in the wild
>>
>>
>>
>> Seems to be XP / Windows Server 2003 only?
>>
>> Cheers
>>
>> Ken
>>
>>
>>
>> ________________________________
>>
>> From: Alex Eckelberry [[email protected]]
>> Sent: Tuesday, 7 July 2009 5:56 AM
>> To: NT System Admin Issues
>> Subject: New IE zero day exploit in the wild
>>
>> Our labs have confirmed this and it is quite nasty.  Best bet for now is
>> to set the killbits. Or don't use IE.
>>
>>
>>
>> Some references:
>>
>>
>>
>> Microsoft:
>>
>>
>>
>> http://www.microsoft.com/technet/security/advisory/972890.mspx
>>
>>
>>
>> SANS:
>>
>>
>>
>> http://isc.sans.org/diary.html?storyid=6733
>>
>>
>>
>> I would take this one quite seriously.
>>
>>
>>
>> Alex
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Reply via email to