Microsoft Needs a Little More Fixing
It’s been a bumpy week for Microsoft-related security issues as the company found itself dealing with broken fixes and a new zero-day exploit. On the plus side, the software giant was at least able to address a problem in its patch distribution service. This week’s Patch Tuesday consisted of four bulletins with eight fixes, not one of which was considered a critical fix, the most important and vital of fixes, so users did have the luxury of waiting a few days before installing.
Those that did and used ZoneAlarm found their Internet was gone. ZoneAlarm is a third-party security system that includes a firewall and a check of incoming and outgoing traffic. Upon installing MS08-037, a fix for vulnerabilities in the Windows Domain Name System (DNS) that could allow for domain spoofing, ZoneAlarm would block Internet access.
Complaints began to appear on Broadband Reports and other techie sites. The problem applies to all ZoneAlarm products – the Free, Pro, AntiVirus, Anti-Spyware and Security Suite editions – which are all based on ZoneAlarm technology.
Check Point Software Technologies, makers of Zone Alarm, posted three suggestions to fix the problem: set the firewall to medium security, uninstall the patch, or add your DNS servers to the trusted zone of the application.
A common strategy among malware writers is to wait until Patch Tuesday to see what Microsoft fixes. If Microsoft doesn’t fix an exploit they’ve found, then they unleash their malware, knowing they are likely to have a month of free reign before the fix comes out, since Microsoft rarely issues out-of-band fixes unless they are severe.
Unleashing a payload of malware
So it was with a Word zero-day exploit. When the hole wasn’t plugged this past Tuesday, the malware writers unleashed their payload. Fortunately, the issue is limited to just one version of the Microsoft word processor, Word 2002 (from Office XP) Service Pack 3. A specially crafted Word file could gain full access to the computer, meaning it would have as much use over the computer as a local user sitting at the keyboard.
Check Point Software Technologies, makers of Zone Alarm, posted three suggestions to fix the problem: set the firewall to medium security, uninstall the patch, or add your DNS servers to the trusted zone of the application.
A common strategy among malware writers is to wait until Patch Tuesday to see what Microsoft fixes. If Microsoft doesn’t fix an exploit they’ve found, then they unleash their malware, knowing they are likely to have a month of free reign before the fix comes out, since Microsoft rarely issues out-of-band fixes unless they are severe.
Unleashing a payload of malware
So it was with a Word zero-day exploit. When the hole wasn’t plugged this past Tuesday, the malware writers unleashed their payload. Fortunately, the issue is limited to just one version of the Microsoft word processor, Word 2002 (from Office XP) Service Pack 3. A specially crafted Word file could gain full access to the computer, meaning it would have as much use over the computer as a local user sitting at the keyboard.
Leave a Reply
You must be logged in to post a comment.
