NeuroTalk Support Groups

NeuroTalk Support Groups (https://www.neurotalk.org/)
-   Computers and Technology (https://www.neurotalk.org/computers-and-technology/)
-   -   New IE Zero-Day Exploit Leads to PoisonIvy (https://www.neurotalk.org/computers-and-technology/177051-ie-zero-day-exploit-leads-poisonivy.html)

Jomar 09-26-2012 12:27 PM
New IE Zero-Day Exploit Leads to PoisonIvy
 
New IE Zero-Day Exploit Leads to PoisonIvy

[We’re currently investigating a new zero-day exploit that affects Internet Explorer versions 7, 8, and 9. The exploit, which is detected by Trend Micro as HTML_EXPDROP.II, is found to be hosted in {BLOCKED}.{BLOCKED}.104.149. Incidentally, this server also hosted the Java zero-day exploit reported last August 30.

Based on our initial analysis, when executed, HTML_EXPDROP.II drops a malicious .SWF file (SWF_DROPPR.II). The .SWF file then drops a backdoor detected as BKDR_POISON.BMN. More information the analysis will be posted in this entry.]
http://blog.trendmicro.com/trendlabs...-to-poisonivy/

************************************************** ****

Microsoft released a patch last Friday, so hopefully your system got that security update, you might double check to see if you got it or not.

MelodyL 09-28-2012 08:36 PM
Quote:
Originally Posted by Jo*mar (Post 917619)
New IE Zero-Day Exploit Leads to PoisonIvy

[We’re currently investigating a new zero-day exploit that affects Internet Explorer versions 7, 8, and 9. The exploit, which is detected by Trend Micro as HTML_EXPDROP.II, is found to be hosted in {BLOCKED}.{BLOCKED}.104.149. Incidentally, this server also hosted the Java zero-day exploit reported last August 30.

Based on our initial analysis, when executed, HTML_EXPDROP.II drops a malicious .SWF file (SWF_DROPPR.II). The .SWF file then drops a backdoor detected as BKDR_POISON.BMN. More information the analysis will be posted in this entry.]
http://blog.trendmicro.com/trendlabs...-to-poisonivy/

************************************************** ****

Microsoft released a patch last Friday, so hopefully your system got that security update, you might double check to see if you got it or not.
Well, if ANYBODY understood this, would they please translate? I first thought someone got poison ivy, then I carefully read the message one more time and and didn't understand one line. Usually I can understand SOMETHING in these messages, but this time, WENT OVER MY HEAD BIG TIME.

I've got to do more computer reading. lol

Melody

Jomar 09-28-2012 11:20 PM
Basically , Microsoft's IE browsers have a security hole, but if you got the windows update on last Friday, you should be fine.
If not do a manual windows update just to be sure.



Internet Explorer Fix it available now; Security Update scheduled for Friday
MSRCTeam
19 Sep 2012 3:20 PM

[Then, on this Friday, Sept. 21, we will release a cumulative update for Internet Explorer through Windows Update and our other standard distribution channels. We recommend that you install this update as soon as it is available. If you have automatic updates enabled on our PC, you won’t need to take any action – it will automatically be updated on your machine. This will not only reinforce the issue that the Fix It addressed, but cover other issues as well.]
http://blogs.technet.com/b/msrc/arch...or-friday.aspx

Icehouse 09-29-2012 07:39 AM
And this is the 84,934th reason NOT to use IE :p

MelodyL 09-29-2012 09:19 AM
Quote:
Originally Posted by Jo*mar (Post 918242)
Basically , Microsoft's IE browsers have a security hole, but if you got the windows update on last Friday, you should be fine.
If not do a manual windows update just to be sure.



Internet Explorer Fix it available now; Security Update scheduled for Friday
MSRCTeam
19 Sep 2012 3:20 PM

[Then, on this Friday, Sept. 21, we will release a cumulative update for Internet Explorer through Windows Update and our other standard distribution channels. We recommend that you install this update as soon as it is available. If you have automatic updates enabled on our PC, you won’t need to take any action – it will automatically be updated on your machine. This will not only reinforce the issue that the Fix It addressed, but cover other issues as well.]
http://blogs.technet.com/b/msrc/arch...or-friday.aspx
I use google chrome. I guess I'm safe. And thanks much for the explanation. Much appreciated.

I might know all about tablets, but operating systems and poison ivy, etc, are still over my head. But I can learn.

thanks.

Melody

Jomar 09-29-2012 10:39 AM
If you have IE installed , whether you use it or not, I would still make sure the update has taken place, just to be safe.
I don't use it either but it's still on my system.


All times are GMT -5. The time now is 05:35 AM.

Powered by vBulletin • Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.

vBulletin Optimisation provided by vB Optimise v2.7.1 (Lite) - vBulletin Mods & Addons Copyright © 2024 DragonByte Technologies Ltd.