Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: ocean10000
"This is one of the most serious Microsoft vulnerabilities ever released," said Marc Maiffret of eEye Digital Security Inc. of Aliso Viejo, Calif., which discovered the new Windows flaws. "The breadth of systems affected is probably the largest ever. This is something that will let you get into Internet servers, internal networks, pretty much any system."
Download the patch from the [windowsupdate.microsoft.com ] web site.
It's on my w2k box: c:\winnt\system32\msasn1.dll
For example, AMS has told its buyers and vendors who install the patch may be taken to a screen saying that they are using an unsupported browser or shown a screen with the text "System Development Mode" on it, or may be given an "Internal Server Error" message when trying to respond to a quote.
"There is not an official Microsoft workaround available at this time. However, we have found that some users are able to return to (the site) by first clicking the browser "Refresh" button and then answering "Yes" when asked if they would like to 'Retry'.
AMS is working with Microsoft directly to determine what can be done to resolve this problem. Again, this is only a problem if a user has the patch installed on their computer. Users with Internet Explorer without the patch are NOT experiencing the problem.
"The breadth of systems affected is probably the largest ever. This is something that will let you get into Internet servers, internal networks, pretty much any system."
The really scary thing is Diebold, one of the world's largest maker of ATMs has incorporated Windows into their products. This makes me extremely nervous about keeping my money in the bank.
Wired News: Windows to Power ATMs in 2005 [wired.com]
They have in the past been hacked from internal
access paths. These boxes are network accessible
only through secure paths, *but* it was presumed
that the bank internal network was secure. A
trojaned system that was *not* an atm, but on the
internal network was used to access the atm.