Page 2 of 2 FirstFirst 12
Results 16 to 26 of 26
  1. #16
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    20,543
    Thanks
    1
    Thanked 614 Times in 550 Posts
    I understand that attacks on only IE 9 - 11 have been reported publicly so far. I just wanted no confusion about which versions are vulnerable.

    Joe

  2. #17
    4 Star Lounger
    Join Date
    Feb 2010
    Location
    Fairfax County, Virginia
    Posts
    439
    Thanks
    8
    Thanked 42 Times in 34 Posts
    Microsoft Warns of New IE Flaw, Will (Probably) Not Fix on Windows XP
    And so it begins
    Apr 28, 2014Paul Thurrott

    http://windowsitpro.com/paul-thurrot...fix-windows-xp

  3. #18
    2 Star Lounger
    Join Date
    Nov 2010
    Posts
    141
    Thanks
    0
    Thanked 8 Times in 8 Posts
    I just wish I can completely remove IE from my XP VM.

  4. #19
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    5,446
    Thanks
    128
    Thanked 495 Times in 455 Posts
    Quote Originally Posted by Prescott View Post
    We've already seen something similar to that right here. Or is it?
    DRIVE IMAGING
    Invest a little time and energy in a well thought out BACKUP regimen and you will have minimal down time, and headache.

    Windows 8.1, 64 bit
    Motherboard: DX58SO2*Chipset: X58 Express/Intel ICH10*BIOS: SOX5820J.86A.0888.2012.0129.2203*Processor: Intel Core i7 CPU X 990
    GPU: Nvidia GTX 580*Memory: Corsair 12 GB, 4x3@1600*PSU: Corsair HX1000*Hard drives: REVO X2 160GB*OCZ VERT X3 120GB*5 mechanical storage drives (12 TB) total.

  5. #20
    4 Star Lounger
    Join Date
    Dec 2009
    Location
    New Hampshire USA
    Posts
    424
    Thanks
    12
    Thanked 36 Times in 33 Posts
    There's no need for a black market in XP patches going forward: a reasonably reliable source already exists at msfn.org, where people have been creating community-reviewed patches for Win98 and Win2K (perhaps others) - usually back-ported from MS's own patches for newer systems - for years and will doubtless be starting to do the same for XP now.

  6. #21
    4 Star Lounger
    Join Date
    Feb 2010
    Location
    Fairfax County, Virginia
    Posts
    439
    Thanks
    8
    Thanked 42 Times in 34 Posts
    Quote Originally Posted by - bill View Post
    There's no need for a black market in XP patches going forward: a reasonably reliable source already exists at msfn.org, where people have been creating community-reviewed patches for Win98 and Win2K (perhaps others) - usually back-ported from MS's own patches for newer systems - for years and will doubtless be starting to do the same for XP now.
    I didn't know about this. If they do start making patches for XP, and if they are able to keep up with the threats, this could be the answer.

    MSFN "Where People Go To Know"

  7. #22
    Star Lounger
    Join Date
    Dec 2009
    Location
    Buenos Aires, Argentina
    Posts
    54
    Thanks
    0
    Thanked 0 Times in 0 Posts

  8. #23
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    2,767
    Thanks
    81
    Thanked 340 Times in 307 Posts
    Quote Originally Posted by satrow View Post
    Rui, that exploit is currently being exploited on IE 9-11 where Flash ActiveX is enabled, it's a targeted at a specific group of users, as far as I can tell; no reports of it having hit XP users has yet emerged.
    There are now: Hackers ZERO IN on ZOMBIE XP boxes: Get patching, Internet Explorer 8 users

    Bruce

  9. #24
    4 Star Lounger
    Join Date
    Dec 2009
    Location
    New Hampshire USA
    Posts
    424
    Thanks
    12
    Thanked 36 Times in 33 Posts
    So let's see: XP users who are actually using IE rather than already using something more appropriate can protect themselves by disabling vgx.dll (as can any other IE users on other Windows systems). So the main headline is that XP users who DO use IE and DON'T bother disabling vgx.dll won't have their bacon saved by the emergency patch, right?

    Since I haven't used IE for many years this does seem like a tempest in a teapot to me, but in any event it's certainly not an example of an XP vulnerability that can't be mitigated to leave XP every bit as safe as it was a month ago.

  10. #25
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    2,767
    Thanks
    81
    Thanked 340 Times in 307 Posts
    Quote Originally Posted by - bill View Post
    So let's see: XP users who are actually using IE rather than already using something more appropriate can protect themselves by disabling vgx.dll (as can any other IE users on other Windows systems). So the main headline is that XP users who DO use IE and DON'T bother disabling vgx.dll won't have their bacon saved by the emergency patch, right?
    No, disabling vgx.dll and installing the patch are alternatives. Doing both is fine too. But disabling vgx.dll was the immediate workaround before the patch was available.


    Quote Originally Posted by - bill View Post
    Since I haven't used IE for many years this does seem like a tempest in a teapot to me, but in any event it's certainly not an example of an XP vulnerability that can't be mitigated to leave XP every bit as safe as it was a month ago.
    This time, yes. Next time?


    Bruce

  11. #26
    4 Star Lounger
    Join Date
    Dec 2009
    Location
    New Hampshire USA
    Posts
    424
    Thanks
    12
    Thanked 36 Times in 33 Posts
    Quote Originally Posted by BruceR View Post
    This time, yes. Next time?
    Good chance for 'yes' there too (there are often mitigation procedures available to use), though by no means a lock. The latter possibility was the whole point of the exercise I described about testing against current malware using good up-to-date browsers and third-party security software (and a hardware router with integral firewall) on top of an XP system unpatched for the last year or two: to see just how important XP security patches have been any time lately in a reasonably well-set-up environment as a guide to how important they're likely to be going forward.

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •