#!# The One Nobody Saw Coming //Windows

Discussion in 'Archives' started by 1ce, Mar 29, 2011.

  1. Unread #1 - Mar 29, 2011 at 2:32 AM
  2. 1ce

    Nobody likes drive by attacks, but how seriously do you take them?

    If this concerns you, read on::
    In this guide I will shed light on a very dangerous type of security attack,
    and what YOU can do to defend yourself.

    <guide>
    Back in 2005 a nasty security flaw was found in the Windows MetaFile Imaging format. The problem was "solved" by M$ (Micro$oft). And to a point it was. Unfortunately, new attacks are under way, and have recently been exploited.

    Information on this attack::

    Essentially the nature of this beast is exploiting gdi32.dll. It allows for a *.wmf image to run escape code.
    It could even extract extremely nasty RAT utilities such as sub7 on an unsuspecting user's computer.
    Blocking pop-ups or *.wmf images from websites is not enough to stop this. Using JavaScript is still vulnerable to a wide variety of internet browsers. Using this scripting a user could spam pop-ups, new windows, anything they can do to have your system display these harmful images. A malicious user executing a Man In The Middle (MITM) attack could redirect hordes of users to an infected site in a single go!

    What YOU can do to protect yourself::

    First and foremost, the basics! I highly suggest that you NEVER use your system's Administrative account
    for anything other than routine maintenance. By doing this you are giving
    malware the authoritative environment it needs to infect you.

    Secondly, you need a good firewall that will provide you with strong system protection/application protection. If you are looking for one I suggest Blink Personal Security by EEYE.

    Keep your computer up to date! As Microsoft is informed of these dangerous exploits, they will add patches to them to help protect your system.

    Do not delay in closing pop-ups!

    If you find your browser redirected to a website you did not enter, DO NOT hesitate to do the following steps:

    1:: Close your browser immediately.
    2:: Go to start > cmd > open up that command prompt and type:
    3:: ipconfig /flushdns
    4:: ipconfig /release
    5:: ipconfig /renew
    6:: You are now safe and sound. If you are redirected again, a new MITM has begun; simply repeat 1-5.

    What this does::
    If your system is under the influence of a MITM this will clear your DNS cache; it will also move you out of the way of the MITM attack.

    </guide>

    I hope this Guide has not only educated you on some of the dangers of the internet, but will help you keep your system clean and safe in the future!

    Sincerely, 1ce
     