Solved

Microsoft Security Advisory 2963983 - How worried should we be?

Posted on 2014-04-30
5
426 Views
Last Modified: 2014-05-06
Hi all,

Just reading the Microsoft Security Advisory 2963983 and Im slightly alarmed at the potential of this vulnerability. It also appears that Microsoft are taking there time with a fix for this too.

Just wanted to gauge what people think?
0
Comment
Question by:Matt
  • 2
  • 2
5 Comments
 
LVL 3

Assisted Solution

by:bmurray-vb
bmurray-vb earned 125 total points
ID: 40031746
If you're using a good antivirus, antimalware product with predictive protection capabilities, it should keep a user from hitting a link that would deliver the code to utilize the exploit.

All of my clients use Webroot SecureAnywhere, and this has been verified by their enterprise support personnel.

If you want to take a measure that also protects the browser itself from the exploit.  Deploy EMET 4.1 via GPO to all the machines you're responsible for.

http://www.microsoft.com/en-us/download/details.aspx?id=41138

Simple to deploy via gpo  (any MSI is simple to deploy via gpo that is)

The fix is slated to be done next month, which is likely going to be patch Tuesday next week.
0
 
LVL 25

Assisted Solution

by:Tony Giangreco
Tony Giangreco earned 250 total points
ID: 40033059
Here is an update on the Internet Explorer situation. It only applies if you are running Internet Explorer 10 or 11.

Microsoft explains how to enable Enhanced Protected Mode (EPM) in the "suggested actions" section of its advisory. The steps are outlined as follows:

To enable EPM in IE 10 or 11, click the Tools menu and then click Internet options.
In the Internet Options window, click the Advanced tab.
Scroll down the list of options until you see the Security section.
Look for the option to Enable Enhanced Protected Mode and click its checkbox to turn it on.

If you're running IE 11 in a 64-bit version of Windows, you also need to click the checkbox to Enable 64-bit processes for Enhanced Protected Mode.
Restart IE to force the new setting to take effect.
EPM is saddled with a couple of limitations. The feature supports only IE 10 and 11 and only 64-bit versions of Windows. And some websites and add-ons won't work with EPM enabled.

How do you protect yourself if you're running an older version of IE or use a site that doesn't play nicely with EPM? You can unregister an associated IE DLL file called VGX.DLL. Microsoft explains how to unregister this file in the suggested actions section.

Until Microsoft can patch this bug, the best option is to use an alternate browser such as Firefox or Google Chrome. But those of you stuck on IE can at least better protect yourself by following Microsoft's suggestions.

http://www.cnet.com/news/microsoft-tells-ie-users-how-to-defend-against-zero-day-bug/?tag=nl.e703&s_cid=e703&ttag=e703&ftag=CAD090e536
0
 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 125 total points
ID: 40035025
MIZUK--
Flash Player can be the vector for acquiring this security bug.
Adobe has released an update for Flash to avoid this--version 13,0,0,206.
Download and install from here
http://get.adobe.com/flashplayer/

And here is the official MS position
https://technet.microsoft.com/library/security/2963983#ID0EEEAC
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 40038069
MIZUK--
MS has issued a fix.
https://technet.microsoft.com/library/security/ms14-021
Or you will probably be offered it on Windows Update.

Another good reference
http://support.microsoft.com/kb/2964358
0
 
LVL 25

Accepted Solution

by:
Tony Giangreco earned 250 total points
ID: 40039201
Have we answered your question?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now