News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it

Daily Archives: January 17, 2020

  • Yet another JScript vulnerability

    Posted on January 17th, 2020 at 16:55 by woody

    Internet Explorer, the gift that keeps on giving.

    Looks like we have a brand new JScript bug. According to ADV200001:

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

    In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.

    The fix, documented in the Security Advisory, is to cut off JScript. Again.

    Is there an update to address this vulnerability?

    No, Microsoft is aware of this vulnerability and working on a fix. Our standard policy is to release security updates on Update Tuesday, the second Tuesday of each month. This predictable schedule allows for partner quality assurance and IT planning, which helps maintain the Windows ecosystem as a reliable, secure choice for our customers.

    Is Microsoft aware of attacks based on this vulnerability?

    Yes, Microsoft is aware of limited targeted attacks.

    At least they aren’t going to try to chase it down with four progressively buggy patches, like they did in September and October.

    You folks trying to work with IE are going to have an interesting weekend, yes?

    UPDATE: Catalin Cimpanu has more details on ZDNet.

    UPDATE: Microsoft has assigned the CVE number CVE-2020-0674.

  • Is your system susceptible to a ChainOfFools/CurveBall CVE-2020-0601 attack?

    Posted on January 17th, 2020 at 08:19 by woody

    There’s a simple SANS test to see if your particular browser, running on your particular machine, is susceptible. That doesn’t cover all possibilities, but it’s certainly indicative.

    Detailed discussion in Computerworld Woody on Windows.

    We’re still at MS-DEFCON 2. Unless your system, specifically, triggers a “You Are Vulnerable” warning in the SANS test, I recommend that you wait to patch.

    UPDATE: Some scary stuff from Benjamin Delpy, @gentilkiwi. He’s come up with a scenario where a malicious Word VBA macro can run, if you set VBA to “Disable all macros except digitally signed” and your machine has cached the Microsoft ECC Product Root Certificate Authority 2018 cert. His example requires you to manually activate the macro – but it’s still scary.

    UPDATE: Lawrence Abrams at BleepingComputer has a detailed account of various devious methods that bypass normal certificate validation, thanks to CVE-2020-0601.

  • Using the Opera browser? Here’s something you need to consider

    Posted on January 17th, 2020 at 06:36 by woody

    I knew that Opera was having problems — but not these kinds of problems.

    Per Steve Symington at the Motley Fool:

    Shares of Opera (NASDAQ:OPRA) were down 17.4% as of 3:30 p.m. EST on Thursday as the software company fell into the crosshairs of a noted short-seller. In a new report published this morning, ominously named short-selling firm Hindenburg Research argued that Opera should be trading closer to $2.60 per share — a 70% discount from Wednesday’s close at around $9. For perspective, Opera shares had already fallen nearly 25% from the company’s initial public offering in July 2018 at $12 per share — a price Hindenburg Research says was largely justified by the since-scuttled growth prospects for Opera’s web browser.

    No, I don’t know Hindenburg Research, and I have no insight into their allegations. But this just strains my imagination:

    With its browser business in decline, cash flow deteriorating (and balance sheet cash finding its way into management’s hands…more on this later), Opera has decided to embark on a dramatic business pivot: predatory short-term lending in Africa and Asia.

    If you’re relying on Opera, you’d be well advised to find another pony.

    Thx, @SimonZerafa.