Topic: Zero day for Windows 7 @ AskWoody

Zero day for Windows 7
Home » Forums » Newsletter and Homepage topics » Zero day for Windows 7
- This topic has 12 replies, 4 voices, and was last updated 2 years, 3 months ago by anonymous.
Tags: 0patch Patch Lady Posts Zero Day
Author

Topic
New Reply
Susan Bradley
Manager

November 25, 2020 at 12:11 pm #2314368
Options

Reply
Quote

Bleeping computer reports that O-patch is releasing a fix for a zero day in Windows 7 and server 2008 R2. I haven’t yet seen an out of band patch rele
[See the full post at: Zero day for Windows 7]

Susan Bradley Patch Lady

10 users thanked author for this post.

M. Paquet, jburk07, abbodi86, lmacri, Nibbled To Death By Ducks, Elly, Pim, Moonbear, GreatAndPowerfulTech, Alex5723

Reply | Quote
Viewing 7 reply threads
Author

Replies
- Moonbear
  AskWoody Lounger
  
  November 25, 2020 at 1:22 pm #2314389
  Options
  
  Reply
  Quote
  
  If a local non-admin account is being used, all registry changes require running regedit as Admin. Does this zero day also bypass the UAC as well?
  
  This reply was modified 2 years, 4 months ago by Moonbear.
  
  1 user thanked author for this post.
  
  Charlie
  
  Reply | Quote
- Susan Bradley
  Manager
  
  November 26, 2020 at 12:00 am #2315004
  Options
  
  Reply
  Quote
  
  As I’m reading this, it won’t show or pop UAC. “If a normal user is able to modify an existing service then he/she can execute arbitrary code in the context of LOCAL/NETWORK SERVICE or even LOCAL SYSTEM.
  
  Susan Bradley Patch Lady
  
  2 users thanked author for this post.
  
  M. Paquet, Moonbear
  
  Reply | Quote
- Nibbled To Death By Ducks
  AskWoody Plus
  
  November 25, 2020 at 6:43 pm #2314448
  Options
  
  Reply
  Quote
  
  “…expected to be twice the price?” Ow.
  
  If MS’s offshore support is any indicator, 0Patch may be looking more attractive, even tho THEIR support is email only, from what I can see…
  
  Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
  --
  "...all the people, all the time..."Peter Ustinov ad-lib in "Logan's Run"
  
  Reply | Quote
- Susan Bradley
  Manager
  
  November 25, 2020 at 11:50 pm #2315003
  Options
  
  Reply
  Quote
  
  Yes, they actually stated this last year. Approx $60 for year one, $120ish for year two and so on.
  
  Susan Bradley Patch Lady
  
  1 user thanked author for this post.
  
  Nibbled To Death By Ducks
  
  Reply | Quote
  
  Nibbled To Death By Ducks
  AskWoody Plus
  
  November 26, 2020 at 12:22 am #2315014
  Options
  
  Reply
  Quote
  
  Yup, now that I search my memory, you’re right. This year has gone by like lightning for me.
  
  Question:
  
  I know it’s “just” a vuln, and there’s nothing in the wild yet, but Sergiu’s knowledge of it seems to be more than enough to go to MITRE Corp. or the CNA and get a CVE assigned to it. I’ve read the paper on how CVE’s get assigned, and it seems all the criteria are met:
  
  https://cve.mitre.org/CVEIDsAndHowToGetThem.pdf
  
  Has the holiday thrown a wrench into that process? Would it even help get Redmond off their duff on this one? Is it necessary or prudent to get a CVE on it ASAP? Seems so to me, but I don’t have the knowledge base for how all the gears and cogs work on this sort of thing as a practical matter. The .PDF seems straightforward in theory, but then there’s the real world…
  
  Just curious.
  
  Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
  --
  "...all the people, all the time..."Peter Ustinov ad-lib in "Logan's Run"
  
  1 user thanked author for this post.
  
  Moonbear
  
  Reply | Quote
- Alex5723
  AskWoody Plus
  
  November 26, 2020 at 1:40 am #2315027
  Options
  
  Reply
  Quote
  
  Nibbled To Death By Ducks wrote:
  
  “…expected to be twice the price?” Ow.
  
  According to Microsoft first year of ESU is ~$60, second year ~$120, third year ~$240, total $420.
  0Patch Pro for 3 years ~$90 and supports patching Office including the EOL Office 2010 and many 3rd party apps.
  
  5 users thanked author for this post.
  
  Endora, M. Paquet, Nibbled To Death By Ducks, Cybertooth, Myst
  
  Reply | Quote
- anonymous
  Guest
  
  November 26, 2020 at 4:19 am #2315032
  Options
  
  Reply
  Quote
  
  With no CVE, we would rather forego the ‘unofficial patch’ and wait it out for the ESU patch. snafu :)/
  
  1 user thanked author for this post.
  
  Nibbled To Death By Ducks
  
  Reply | Quote
- anonymous
  Guest
  
  November 26, 2020 at 10:02 am #2315071
  Options
  
  Reply
  Quote
  
  This is very low impact as it requires local (physical) access to the computer.
  
  It reminds me of one of the Ten Immutable Laws Of Security:
  
  “If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore.”
  
  5 users thanked author for this post.
  
  Myst, Moonbear, Nibbled To Death By Ducks, Microfix, Cybertooth
  
  Reply | Quote
- Nibbled To Death By Ducks
  AskWoody Plus
  
  November 26, 2020 at 6:09 pm #2315148
  Options
  
  Reply
  Quote
  
  Thanks…I never knew that “Local” was synonymous with “physically present”. The Registry has always been in the same sketchy area as “Networking” on my mental PC/OS map; some tracings and pieces of knowledge, but not overall completely filled in. 🙂
  
  “Live and learn, or you don’t live long.” -R.A.H.
  
  Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
  --
  "...all the people, all the time..."Peter Ustinov ad-lib in "Logan's Run"
  
  Reply | Quote
- Moonbear
  AskWoody Lounger
  
  November 26, 2020 at 7:55 pm #2315153
  Options
  
  Reply
  Quote
  
  The need for physical access could also be the reason their hasn’t been a CVE issued yet
  
  Reply | Quote
- anonymous
  Guest
  
  November 29, 2020 at 7:22 am #2315652
  Options
  
  Reply
  Quote
  
  Could you not simply change the ACL on those two registry keys to mitigate this?
  
  Reply | Quote
- anonymous
  Guest
  
  December 7, 2020 at 7:27 am #2317788
  Options
  
  Reply
  Quote
  
  Why is AskWoody not updated with the warnings and the watch out for’s as it once had been.
  
  Reply | Quote
Viewing 7 reply threads

Reply To: Zero day for Windows 7
You can use BBCodes to format your content.
Your account can't use all available BBCodes, they will be stripped before saving.

Your information:
Name (required):

Mail (will not be published) (required):

Website:

Cancel

Plus Membership

Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.

AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.

Welcome to our unique respite from the madness.

It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.