  • Zero day for Windows 7

    Posted on Susan Bradley Comment on the AskWoody Lounge


      • #2314368
        Susan Bradley
        Manager

        Bleeping Computer reports that 0patch is releasing a fix for a zero day in Windows 7 and Server 2008 R2. I haven’t yet seen an out of band patch rele
        [See the full post at: Zero day for Windows 7]

        Susan Bradley Patch Lady

      • #2314389
        Moonbear
        AskWoody Lounger

        If a local non-admin account is being used, all registry changes require running regedit as Admin. Does this zero day also bypass the UAC as well?

         

        1 user thanked author for this post.
        • #2315004
          Susan Bradley
          Manager

          As I’m reading this, it won’t show or pop UAC. “If a normal user is able to modify an existing service then he/she can execute arbitrary code in the context of LOCAL/NETWORK SERVICE or even LOCAL SYSTEM.”

          Susan Bradley Patch Lady

          2 users thanked author for this post.
      • #2314448

        “…expected to be twice the price?” Ow.

        If MS’s offshore support is any indicator, 0Patch may be looking more attractive, even tho THEIR support is email only, from what I can see…

        Win7 Pro SP1 64-bit ESU, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Patch List", Multiple Air-Gapped backup drives in different locations, "Don't auto-check for updates-Full Manual Mode." Linux Mint Greenhorn
        --
        "A committee is the only known form of life that can have least four legs and no brain."

        -Robert Heinlein

        • #2315003
          Susan Bradley
          Manager

          Yes, they actually stated this last year.  Approx $60 for year one, $120ish for year two and so on.

          Susan Bradley Patch Lady

          1 user thanked author for this post.
          • #2315014

            Yup, now that I search my memory, you’re right. This year has gone by like lightning for me.

            Question:

            I know it’s “just” a vuln, and there’s nothing in the wild yet, but Sergiu’s knowledge of it seems to be more than enough to go to MITRE Corp. or the CNA and get a CVE assigned to it. I’ve read the paper on how CVEs get assigned, and it seems all the criteria are met:

            https://cve.mitre.org/CVEIDsAndHowToGetThem.pdf

            Has the holiday thrown a wrench into that process? Would it even help get Redmond off their duff on this one? Is it necessary or prudent to get a CVE on it ASAP? Seems so to me, but I don’t have the knowledge base for how all the gears and cogs work on this sort of thing as a practical matter. The .PDF seems straightforward in theory, but then there’s the real world…

            Just curious.

            Win7 Pro SP1 64-bit ESU, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Patch List", Multiple Air-Gapped backup drives in different locations, "Don't auto-check for updates-Full Manual Mode." Linux Mint Greenhorn
            --
            "A committee is the only known form of life that can have least four legs and no brain."

            -Robert Heinlein

            1 user thanked author for this post.
      • #2315027
        Alex5723
        AskWoody Plus

        “…expected to be twice the price?” Ow.

        According to Microsoft first year of ESU is ~$60, second year ~$120, third year ~$240, total $420.
        0Patch Pro for 3 years ~$90 and supports patching Office including the EOL Office 2010 and many 3rd party apps.

        5 users thanked author for this post.
      • #2315032
        anonymous
        Guest

        With no CVE, we would rather forego the ‘unofficial patch’ and wait it out for the ESU patch. snafu :)/

        1 user thanked author for this post.
      • #2315071
        anonymous
        Guest

        This is very low impact as it requires local (physical) access to the computer.

        It reminds me of one of the Ten Immutable Laws Of Security:

        “If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore.”

        5 users thanked author for this post.
      • #2315148

        Thanks…I never knew that “Local” was synonymous with “physically present”. The Registry has always been in the same sketchy area as “Networking” on my mental PC/OS map; some tracings and pieces of knowledge, but not overall completely filled in. 🙂

        “Live and learn, or you don’t live long.” -R.A.H.

        Win7 Pro SP1 64-bit ESU, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Patch List", Multiple Air-Gapped backup drives in different locations, "Don't auto-check for updates-Full Manual Mode." Linux Mint Greenhorn
        --
        "A committee is the only known form of life that can have least four legs and no brain."

        -Robert Heinlein

        • #2315153
          Moonbear
          AskWoody Lounger

          The need for physical access could also be the reason there hasn’t been a CVE issued yet.

      • #2315652
        anonymous
        Guest

        Could you not simply change the ACL on those two registry keys to mitigate this?

      • #2317788
        anonymous
        Guest

        Why is AskWoody not updated with the warnings and the watch out for’s as it once had been?
