He demonstrated a social engineering attack scenario where a fake elevation prompt can be used to trick users into clicking "allow" to give elevated rights to a malicious file.
That is the scenario I have been envisioning since I first installed RC1. Microsoft is conditioning users to agree to about anything by having so many intrusive pop-ups. People just want to get on with their computing experience. Maybe they will read the warning a few times at first, but after a short while they just respond without reading because that is how they get to the next step. Of course malware writers will use this method, it is almost as if Microsoft has given them a gift.
This Windows exploit is similar to the WMF exploit, and just like it, Microsoft is going to take their time fixing it. If you must use Windows avoid IE and Outlook but that's not always possible.
And to be completely safe you can unregister the.dll as follows...
Copy the following command to clipboard and Paste into Run:
Excellent point, and a very import distinction to make.
Like it or not, Microsoft is the 800lb. Gorilla in the room and when they speak, people do listen.
This could merely be an effort to take attention away from the alternatives, while Office2007 is still under construction, then after Office launches, Microsoft can declare the idea impractical.
Even if they do something in this area, they are not leading, inventing or innovating and it will no doubt be crippled in some way so as not to damage the cash-cow that Office has become.
I always remind people that Microsoft is a marketing company, NOT a technology company. They DO NOT innovate. They are extremely greedy and will do whatever they can to keep the cash coming in.
I'm betting this is just a bit of "me too" fluff to keep the press folks distracted.
I used to do a lot of travel for work, lugging product samples all over the world. I always travel with carry-on only. Since 9-11, I won't even bother trying to bring samples. The airport experience is simply the worst part of traveling.
Pick a carrier any carrier (UPS, FedEX, DHL, etc.) and ship what you need to your hotel. As long as you pack it well (and insure it, of course) it will be waiting for you in your room when you arrive. Trust me, it seems like a lot of extra trouble at first, but its worth it.
...can't it be mitigated somewhat by say, using that little wheel marked "volume"?
Stop that! Stop that right now! You're suggesting some sort of personal responsibility is involved. We'll have none of that! Everyone knows that somehow the government should be involved with this issue. That and several lawyers to deal with the evil manufacturers who are forcing their wares on an innocent and unsuspecting public.
I use Microsoft products daily. Do I trust Microsoft? No way!
I would agree that (among my client base) there is a general uneasy feeling building towards Microsoft. So the idea that their ranking is lower does not surprise me at all.
Do I trust Apple? Not anymore than Microsoft.
The conspiracy theorist in me believes the real motive behind their switch to Intel has to do with standardizing DRM.
When all of the hardware is "Trusted" then who will you trust at all?
Slashdot Mirror
He demonstrated a social engineering attack scenario where a fake elevation prompt can be used to trick users into clicking "allow" to give elevated rights to a malicious file.
That is the scenario I have been envisioning since I first installed RC1. Microsoft is conditioning users to agree to about anything by having so many intrusive pop-ups. People just want to get on with their computing experience. Maybe they will read the warning a few times at first, but after a short while they just respond without reading because that is how they get to the next step. Of course malware writers will use this method, it is almost as if Microsoft has given them a gift.
"No FDA approval for you! Come back, one year!"
I like how this page showed up with some answers before anyone posted.
My dad likes to say, "If they were smart, they wouldn't be crooks, they'd have real jobs."
I swear, that's the first thought that ran through my head.
I'm sure they'll detect every rootkit except the one they install.
Why am I so paranoid?
Oh yeah, I run Windows.
Deja Moo?
The feeling you've eaten this steak before.
Aye!
Stay inside.
You know, at first I was against it, but nobody told me about there being blue LEDs.
Blue LEDs!
Now I have to rethink my position...
This Windows exploit is similar to the WMF exploit, and just like it, Microsoft is going to take their time fixing it. If you must use Windows avoid IE and Outlook but that's not always possible.
.dll as follows...
And to be completely safe you can unregister the
Copy the following command to clipboard and Paste into Run:
regsvr32 -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"
Then when Microsoft gets around to fixing this (Probably on the next patch Tuesday) you can restore it:
regsvr32 "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"
Want to bet this code is in Vista somewhere?
Excellent point, and a very import distinction to make.
Like it or not, Microsoft is the 800lb. Gorilla in the room and when they speak, people do listen.
This could merely be an effort to take attention away from the alternatives, while Office2007 is still under construction, then after Office launches, Microsoft can declare the idea impractical.
Even if they do something in this area, they are not leading, inventing or innovating and it will no doubt be crippled in some way so as not to damage the cash-cow that Office has become.
I always remind people that Microsoft is a marketing company, NOT a technology company. They DO NOT innovate. They are extremely greedy and will do whatever they can to keep the cash coming in.
I'm betting this is just a bit of "me too" fluff to keep the press folks distracted.
Ha, you're both wrong! Stupid noobs.
It's tubes and you get to it with the AOL icon.
Phasers!!!
Aren't those like space guns?
Quick, edit them out and replace them with walkie talkies.
Won't someone think of the children?
I used to do a lot of travel for work, lugging product samples all over the world.
I always travel with carry-on only. Since 9-11, I won't even bother trying to bring samples.
The airport experience is simply the worst part of traveling.
Pick a carrier any carrier (UPS, FedEX, DHL, etc.) and ship what you need to your hotel.
As long as you pack it well (and insure it, of course) it will be waiting for you in your room when you arrive.
Trust me, it seems like a lot of extra trouble at first, but its worth it.
...he was constantly on the move, traveling around the world to help customers figure out how to use Microsoft's products securely.
Kind of says it all doesn't it.
When you find yourself in danger,
When you're threatened by a stranger,
When it looks like you will take a lickin',
There is someone waiting,
Who will hurry up and rescue you,
just Call for Super Chicken!
Fred, if you're afraid you'll have to overlook it,
Besides you knew the job was dangerous when you took it
He will drink his super sauce
And throw the bad guys for a loss
And he will bring them in alive and kickin'
There is one thing you should learn
When there is no one else to turn to
Call for Super Chicken!
Will it be blue?
...can't it be mitigated somewhat by say, using that little wheel marked "volume"?
Stop that!
Stop that right now!
You're suggesting some sort of personal responsibility is involved. We'll have none of that!
Everyone knows that somehow the government should be involved with this issue. That and several lawyers to deal with the evil manufacturers who are forcing their wares on an innocent and unsuspecting public.
...if the system detects queues growing beyond a pre-defined length in the security zone staff will be alerted of the need to open another lane
Forget the airport, I want this at my local supermarket!
Prosecutors claim he [, using grant funds,] bought a car...
What sort of car? Was it a Hyundai?
If so, hasn't the poor man already suffered enough?
Oh, that is TOO good!
Now I have to go and re-register everywhere.
Wow!
That's a lot of cards in your wallet!
Do you lean to one side when you sit?
I use Microsoft products daily.
Do I trust Microsoft? No way!
I would agree that (among my client base) there is a general uneasy feeling building towards Microsoft. So the idea that their ranking is lower does not surprise me at all.
Do I trust Apple? Not anymore than Microsoft.
The conspiracy theorist in me believes the real motive behind their switch to Intel has to do with standardizing DRM.
When all of the hardware is "Trusted" then who will you trust at all?
That goes without saying, after all, we're discussing AOL users.
Really! I mean how are we supposed to know if this article is a dupe or not?