Technical advice
New Firefox exploit from NET Framework SP
sáb 17 oct 2009 02:56:30 UTC — WarxasIn case everyone hasn't read it yet; http://isc.sans.org/diary.html?storyid=7381
The newest patch from Microsoft's patch Tuesday, (MS09-054) installs a vulnerable plug-in in Firefox.
So just go to Firefox's add-ons, click plugins, then chose disable for the Windows Presentation Foundation plugin.
To get rid of the plugin (Unless I understood this wrong.) go to %SYSTEMDRIVE%\Windows\Microsoft.NET\Framework\v3.5\
and delete the folder named Windows Presentation Foundation.
- Inicie sesión o regístrese para enviar comentarios
oooh
sáb 17 oct 2009 03:36:32 UTC — jpvipVista and lower, is what this advisory is for.
I am in Windows 7 (release), and I do not see the plugin in Firefox. :)
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
what about IE?
sáb 17 oct 2009 05:16:38 UTC — demonluowhat about IE?
Here
sáb 17 oct 2009 05:23:52 UTC — WarxasAre the institutions to determine if you are affected, and how to fix the vulnerability in IE. http://securitygarden.blogspot.com/2009/10/ms09-05...
Hope that helps demonluo. :)
oh no...
sáb 17 oct 2009 06:04:09 UTC — jpvipNot security garden...
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
Why?
sáb 17 oct 2009 06:11:52 UTC — WarxasWhy?
uhh..
sáb 17 oct 2009 06:46:59 UTC — jpvipSee my comment: http://www.mywot.com/scorecard/securitygarden.b...
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
thanks for the links good
sáb 17 oct 2009 10:41:47 UTC — demonluothanks for the links good info but r this site owner really deframe/mean to other since jpvip seem to know the site owner...
Thank you for the warning; I
sáb 17 oct 2009 10:47:27 UTC — Destinii HaruyaThank you for the warning; I have deleted the add-on. Hopefully the Mozilla staff will blacklist this soon.
What is WPF..?
sáb 17 oct 2009 12:27:51 UTC — phantazmWhat is this "Windows Presentation Foundation" supposed to do?
I suppose it has some kind of functionality,
but who needs it and who don't..?
...
sáb 17 oct 2009 12:32:08 UTC — jpvipWPF is a GUI rendering program for Windows-based programs.
@demonluo
Security Garden is owned by an MS-MVP Corrine. I have read some nasty reports she spills out. I have no idea why she gets so rash, but I guess that is her passion.
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
Firefox just blacklisted it,
sáb 17 oct 2009 18:08:28 UTC — Destinii HaruyaFirefox just blacklisted it, along with the Microsoft .NET plugin.
lol
sáb 17 oct 2009 21:26:27 UTC — jpvipGood. I guess it was bad enough.
~DragonMaster Jay, malware researcher,
Admin, helpmyos.com
Yay
sáb 17 oct 2009 18:19:48 UTC — WarxasFirefox! Too bad I already got rid of it. :P