Solved

Microsoft Security Advisory 2963983 - How worried should we be?

Posted on 2014-04-30
Last Modified: 2014-05-06
Hi all,

Just reading the Microsoft Security Advisory 2963983 and I'm slightly alarmed at the potential of this vulnerability. It also appears that Microsoft are taking their time with a fix for this too.

Just wanted to gauge what people think?
0
Question by:Matt
5 Comments
 
LVL 3

Assisted Solution

by:bmurray-vb
bmurray-vb earned 500 total points
ID: 40031746
If you're using a good antivirus, antimalware product with predictive protection capabilities, it should keep a user from hitting a link that would deliver the code to utilize the exploit.

All of my clients use Webroot SecureAnywhere, and this has been verified by their enterprise support personnel.

If you want to take a measure that also protects the browser itself from the exploit, deploy EMET 4.1 via GPO to all the machines you're responsible for.

http://www.microsoft.com/en-us/download/details.aspx?id=41138

Simple to deploy via GPO (any MSI is simple to deploy via GPO, that is).

The fix is slated to be done next month, which is likely going to be patch Tuesday next week.
0
 
LVL 25

Assisted Solution

by:Tony Giangreco
Tony Giangreco earned 1000 total points
ID: 40033059
Here is an update on the Internet Explorer situation. It only applies if you are running Internet Explorer 10 or 11.

Microsoft explains how to enable Enhanced Protected Mode (EPM) in the "suggested actions" section of its advisory. The steps are outlined as follows:

To enable EPM in IE 10 or 11, click the Tools menu and then click Internet options.
In the Internet Options window, click the Advanced tab.
Scroll down the list of options until you see the Security section.
Look for the option to Enable Enhanced Protected Mode and click its checkbox to turn it on.
If you're running IE 11 in a 64-bit version of Windows, you also need to click the checkbox to Enable 64-bit processes for Enhanced Protected Mode.
Restart IE to force the new setting to take effect.

EPM is saddled with a couple of limitations. The feature supports only IE 10 and 11 and only 64-bit versions of Windows. And some websites and add-ons won't work with EPM enabled.

How do you protect yourself if you're running an older version of IE or use a site that doesn't play nicely with EPM? You can unregister an associated IE DLL file called VGX.DLL. Microsoft explains how to unregister this file in the suggested actions section.

Until Microsoft can patch this bug, the best option is to use an alternate browser such as Firefox or Google Chrome. But those of you stuck on IE can at least better protect yourself by following Microsoft's suggestions.

http://www.cnet.com/news/microsoft-tells-ie-users-how-to-defend-against-zero-day-bug/?tag=nl.e703&s_cid=e703&ttag=e703&ftag=CAD090e536
0
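
The checks from the post above, as an added example that is not part of the original thread: a PowerShell function that reports the IE version, whether the two EPM checkboxes are set for the current user, and whether the update is installed. The registry value names (`svcVersion`, `Isolation` = `PMEM`, `Isolation64Bit`) and the use of KB2964358 from the link further down this thread as the update id are assumptions not stated by the posters.

```powershell
# Added example (not from the thread). Requires PowerShell 3.0 or later.
# Run as the user whose IE settings you want to check.
function Get-IeAdvisoryStatus {
    param(
        # Assumption: the KB id linked in this thread identifies the update
        # package for this OS/IE combination; pass another id if it does not.
        [string]$FixKb = 'KB2964358'
    )

    # IE 10/11 keep the real version in svcVersion; older releases only set Version.
    $ie = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Internet Explorer' -ErrorAction SilentlyContinue
    $verText = if ($ie.svcVersion) { $ie.svcVersion } else { $ie.Version }
    $ieMajor = if ($verText) { ([version]$verText).Major } else { $null }

    # Per-user values behind the two Internet Options checkboxes (assumed names).
    $main  = Get-ItemProperty 'HKCU:\Software\Microsoft\Internet Explorer\Main' -ErrorAction SilentlyContinue
    $epm   = ($main.Isolation -eq 'PMEM')      # 'PMIL' or absent means EPM is off
    $epm64 = ($main.Isolation64Bit -eq 1)

    # Limits stated in the post: IE 10 or 11, 64-bit Windows only.
    $is64Os     = [Environment]::Is64BitOperatingSystem
    $epmCapable = ($ieMajor -ge 10) -and $is64Os
    # On IE 11 the 64-bit processes checkbox is also needed.
    $epmOk      = $epmCapable -and $epm -and (($ieMajor -lt 11) -or $epm64)
    $patched    = [bool](Get-HotFix -Id $FixKb -ErrorAction SilentlyContinue)

    $action = if ($patched) {
        'None: update installed'
    } elseif ($epmOk) {
        'EPM workaround active; install the update when possible'
    } elseif ($epmCapable) {
        'Enable EPM (plus 64-bit processes on IE 11) or install the update'
    } else {
        'EPM not available: use the VGX.DLL workaround from the advisory or install the update'
    }

    [pscustomobject]@{
        IeVersion         = $verText
        Is64BitOs         = $is64Os
        EpmEnabled        = $epm
        Epm64BitProcesses = $epm64
        UpdateInstalled   = $patched
        SuggestedAction   = $action
    }
}

Get-IeAdvisoryStatus | Format-List
```
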
 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 500 total points
ID: 40035025
MIZUK--
Flash Player can be the vector for acquiring this security bug.
Adobe has released an update for Flash to avoid this--version 13,0,0,206.
Download and install from here
http://get.adobe.com/flashplayer/

And here is the official MS position
https://technet.microsoft.com/library/security/2963983#ID0EEEAC
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 40038069
MIZUK--
MS has issued a fix.
https://technet.microsoft.com/library/security/ms14-021
Or you will probably be offered it on Windows Update.

Another good reference
http://support.microsoft.com/kb/2964358
0
 
LVL 25

Accepted Solution

by:
Tony Giangreco earned 1000 total points
ID: 40039201
Have we answered your question?
0
