| 2:50 pm on Jul 8, 2009 (gmt 0)|
Thanks Bill I visit a ton of sites a day and most likely am above average on getting this from hitting an infected site.
| 4:37 pm on Jul 8, 2009 (gmt 0)|
|Our investigation has shown that there are no by-design uses for this ActiveX Control in Internet Explorer |
And yet it's included, active, and gives the hackers access to the local user account. Nice.
| 8:05 pm on Jul 8, 2009 (gmt 0)|
|And yet it's included, active, and gives the hackers access to the local user account. |
That's the gist of ActiveX: expose methods to the web at large.
If you don;t need it (there is no use beyond windowsupdate, use another browser than IE.
| 8:16 pm on Jul 8, 2009 (gmt 0)|
Good timing by Google and their OS announcement then. What garbage this ActiveX.
| 3:23 am on Jul 9, 2009 (gmt 0)|
I think Google will have their hands full with a web browser as an OS.
| 8:14 am on Jul 9, 2009 (gmt 0)|
So using Firefox negates this exploit?
| 8:31 am on Jul 9, 2009 (gmt 0)|
|So using Firefox negates this exploit? |
Also, another question about the exploit... is it likely to be served from any server, or mainly from infected Windows Servers?
| 9:19 am on Jul 9, 2009 (gmt 0)|
It's an ActiveX exploit. Unless you have hacked in that old FF plug-in for ActiveX I don't think this would affect you with that browser.
|is it likely to be served from any server, or mainly from infected Windows Servers? |
They haven't been too specific on that in the articles I've read.
| 5:55 am on Jul 11, 2009 (gmt 0)|
In IE you can set your internet connection to be over LAN with an IP of 0.0.0.0 which completely disables IE and every application that relies on IE standard settings (including windows updates).
If you load up firefox and disable IE as mentioned above you'll start seeing error messages when things start complaining of not being able to connect, like adobe flash. You'll see just how reliant on IE your computer really is, even if you don't use it.
| 5:34 pm on Jul 12, 2009 (gmt 0)|
I've found that getting SOHO and home users to run as a limited user prevents a lot of problems. Running as a limited user simply does not provide enough rights for a virus or trojan to take root.
In a client server environment, you can lock down the users with GPOs of course.