Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Windows 0-day

From: Greg Williams <gwillia5 () UCCS EDU>
Date: Tue, 27 Jul 2010 10:44:15 -0600
Sophos just released this free tool to block the exploit:  

http://www.sophos.com/products/free-tools/sophos-windows-shortcut-exploit-pr
otection-tool.html
 

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of David Opitz
Sent: Wednesday, July 21, 2010 7:47 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Windows 0-day

Hi,

I'm wondering what everyone is doing about the current Microsoft 0-day
exploit.  Details are at: https://isc.sans.edu/diary.html?storyid=9190 and
at http://www.microsoft.com/technet/security/advisory/2286198.mspx .

Microsoft recommends 3 Workarounds until they get a patch out:
1) Disable the displaying of icons for shortcuts
2) Disable the WebClient service
3) Block the download of LNK and PIF files from the Internet.

Which of those 3 (if any) are you using on your campus?  We are considering
doing the first one, but this would change how shortcuts are displayed on
users' desktops, so we would have to communicate this to all of our users.

Peace,
Dave Opitz
Sr. Security Analyst
Infrastructure Services - Technology Services Loyola Univeristy Maryland
4501 N. Charles St.
Baltimore, MD, 21210
dopitz () loyola edu
Previous By Date Next
Previous By Thread Next

Current thread: