Technical advice
New Firefox exploit from NET Framework SP
Sat 17 Oct 2009 02:56:30 AM UTC — WarxasIn case everyone hasn't read it yet; http://isc.sans.org/diary.html?storyid=7381
The newest patch from Microsoft's patch Tuesday, (MS09-054) installs a vulnerable plug-in in Firefox.
So just go to Firefox's add-ons, click plugins, then chose disable for the Windows Presentation Foundation plugin.
To get rid of the plugin (Unless I understood this wrong.) go to %SYSTEMDRIVE%\Windows\Microsoft.NET\Framework\v3.5\
and delete the folder named Windows Presentation Foundation.
oooh
Sat 17 Oct 2009 03:36:32 AM UTC — jpvipVista and lower, is what this advisory is for.
I am in Windows 7 (release), and I do not see the plugin in Firefox. :)
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
what about IE?
Sat 17 Oct 2009 05:16:38 AM UTC — demonluowhat about IE?
Here
Sat 17 Oct 2009 05:23:52 AM UTC — WarxasAre the institutions to determine if you are affected, and how to fix the vulnerability in IE. http://securitygarden.blogspot.com/2009/10/ms09-05...
Hope that helps demonluo. :)
oh no...
Sat 17 Oct 2009 06:04:09 AM UTC — jpvipNot security garden...
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
Why?
Sat 17 Oct 2009 06:11:52 AM UTC — WarxasWhy?
uhh..
Sat 17 Oct 2009 06:46:59 AM UTC — jpvipSee my comment: http://www.mywot.com/en/scorecard/securitygarden.b...
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
thanks for the links good
Sat 17 Oct 2009 10:41:47 AM UTC — demonluothanks for the links good info but r this site owner really deframe/mean to other since jpvip seem to know the site owner...
Thank you for the warning; I
Sat 17 Oct 2009 10:47:27 AM UTC — Destinii HaruyaThank you for the warning; I have deleted the add-on. Hopefully the Mozilla staff will blacklist this soon.
What is WPF..?
Sat 17 Oct 2009 12:27:51 PM UTC — phantazmWhat is this "Windows Presentation Foundation" supposed to do?
I suppose it has some kind of functionality,
but who needs it and who don't..?
...
Sat 17 Oct 2009 12:32:08 PM UTC — jpvipWPF is a GUI rendering program for Windows-based programs.
@demonluo
Security Garden is owned by an MS-MVP Corrine. I have read some nasty reports she spills out. I have no idea why she gets so rash, but I guess that is her passion.
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
Firefox just blacklisted it,
Sat 17 Oct 2009 06:08:28 PM UTC — Destinii HaruyaFirefox just blacklisted it, along with the Microsoft .NET plugin.
lol
Sat 17 Oct 2009 09:26:27 PM UTC — jpvipGood. I guess it was bad enough.
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
Yay
Sat 17 Oct 2009 06:19:48 PM UTC — WarxasFirefox! Too bad I already got rid of it. :P