And this will let WSUS work where the GPO didn't.. From: Joe Tinney [mailto:jtin...@lastar.com] Sent: Friday, July 10, 2009 9:32 AM To: NT System Admin Issues Subject: RE: IE zero day exploit Microsoft new for 1+ yrs of this flaw
That's the feeling I got from the MSRC Team blog.. "Customers who have already implemented the killbits manually or through the FixIt workaround won't need to implement next week's security update, though we recommend that you apply the update to ensure that reporting accurately shows that the systems are fully protected." http://blogs.technet.com/msrc/archive/2009/07/09/questions-about-timing-and-microsoft-security-advisory-972890.aspx From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Friday, July 10, 2009 11:54 AM To: NT System Admin Issues Subject: RE: IE zero day exploit Microsoft new for 1+ yrs of this flaw They're probably just setting the same killbits that most of us already did this week. Carl From: Rob Bonfiglio [mailto:robbonfig...@gmail.com] Sent: Friday, July 10, 2009 10:08 AM To: NT System Admin Issues Subject: Re: IE zero day exploit Microsoft new for 1+ yrs of this flaw It won't be. They say so in the article. On Fri, Jul 10, 2009 at 9:55 AM, HELP_PC <g...@enter.it<mailto:g...@enter.it>> wrote: And who will assure us that Tuesday patches will be really definitive ? GuidoElia HELPPC ________________________________ Da: Rob Bonfiglio [mailto:robbonfig...@gmail.com<mailto:robbonfig...@gmail.com>] Inviato: venerdì 10 luglio 2009 14.56 A: NT System Admin Issues Oggetto: Re: IE zero day exploit Microsoft new for 1+ yrs of this flaw I'm not defending them....not knowing much about how the attack works it's hard for me to defend them; 16-18 months does seem like an excessive amount of time. But the fact that one of the discoverers of the vulnerability did kind of defend them in the article should be taken into account. This is a quote from the article: Although Reavey declined to get specific today, Smith, one of the researchers who reported the vulnerability, hinted at reasons. "The nature of this flaw is sort of unique," he said. "The mechanics of this are sort of unique as well. It was those unique qualities that required more time than Microsoft would normally need." Smith refused to criticize Microsoft for not patching sooner. "All along the way, they've told me how far things have progressed," he said of Microsoft's security team. "They would ping me every time they reached a milestone on the fix." On Fri, Jul 10, 2009 at 8:37 AM, Ziots, Edward <ezi...@lifespan.org<mailto:ezi...@lifespan.org>> wrote: http://www.computerworld.com/s/article/9135370/Microsoft_admits_it_knew_of_critical_IE_bug_in_early_08?source=CTWNLE_nlt_dailyam_2009-07-10 You know this type of stuff really burns me up, they knew since early 08 of this flaw, and did nothing about it, to fix it and get a patch out. No they gotta wait till hackers start exploiting this on a mass scale, and then they start paying attention. Scary part is how many other exploits do they know about that could have system-compromise type payloads, and haven't done anything about it. Again another PR nightmare and another black-eye for M$ because of there lack of due-diligence, has put customers at risk. Now note the fix is supposed to be coming out Tuesday for the various reported flaws ( including the last 2 IE ones) but it's a little too late when the bad guys already have plowed through thousands of computers and websites, with there exploits, and now those machines are apart of botnets, that are probably behind the spamming, and DDOS/DOS of GOVT sites, which has been posted on ISC from SANS. Any thoughts folks? Tell yeah TAM's Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + ezi...@lifespan.org<mailto:ezi...@lifespan.org> Phone:401-639-3505 ________________________________________ From: Eric Wittersheim [mailto:eric.wittersh...@gmail.com<mailto:eric.wittersh...@gmail.com>] Sent: Thursday, July 09, 2009 6:35 PM To: NT System Admin Issues Subject: Re: Trend Micro and IE zero day exploit hmm, makes me wonder if OpenDNS is offering something like this. I think I'll take a look. On Thu, Jul 9, 2009 at 5:07 PM, Devin Meade <devin.me...@gmail.com<mailto:devin.me...@gmail.com>> wrote: FYI - If you have Trend Micro Office Scan and are using the web reputation feature, you are covered: http://us.trendmicro.com/us/threats/microsoft-mpeg-vulnerability/index.html "Trend Micro products with Web Reputation technology currently block malicious URLs associated with this exploit." -- Devin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~