Microsoft Corp. warns that attackers are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control over PCs when users open a malicious document or visit a booby-trapped website. There is currently no official patch for the flaw, but Microsoft has released recommendations for mitigating the threat.
https://krebsonsecurity.com/2021/09/microsoft-attackers-exploiting-windows-zero-day-flaw/
Try StreamFab Downloader and download from Netflix, Amazon, Youtube! Or Try DVDFab and copy Blu-rays!
+ Reply to Thread
Results 1 to 10 of 10
Thread
-
"Programmers are human-shaped machines that transform alcohol into bugs."
-
So, stop opening malicious documents and visiting booby-trapped sites. Duh.
Scott -
Where is the crystal ball function that allows you to know in advance what's a malicious document and which website has a booby trap?
-
Critical, scientific, logical thinking. Patience. And good habits of safe methodology.
Scott -
I remember years ago when an exploit attacked windows xp users that couldn't be blocked as long as you were online,same old thing happening.
I think,therefore i am a hamster. -
Really. I just finished 2 degrees, one on biology and one on health sciences and I don't seem to recall any class that prepared me for knowing in advance which files had a malicious payload and which sites had booby traps. Maybe I should sue my school.
I also recently started working on a cybersecurity degree and studying for my Security+ certification, but I still haven't been taught how to use "Critical, scientific, logical thinking. Patience. And good habits of safe methodology" to know which files have a malicious payload and which sites have booby traps. Maybe they'll cover that next semester.
On the bright side I am doing well in my Sarcasm class. -
Written like a man who realizes what he said was idiotic but lacks the confidence in himself to admit he was wrong.
Anytime you want to demonstrate the method you use to demonstrate what files have a malicious payload, without using antivirus software to scan them, or what websites may be hosting "booby traps", feel free to enlighten the rest of us heathens. -
1. Do not open / download / execute any email attachments, even from a 'trusted' source - phone them and ask them if they sent you a file. The old fashioned way.
2. Do not click on any hyperlinked txt in email main body of txt from a stranger or known source.
That covers 99.9% of it.
In the 2000's I used to use AVG Antivirus (free) on home PC system/network - but any antivirus - even a mega expensive one is never going to protect you against a new exploit. Think about it.
Until an exploit is in the wild and patched; then the AV app does not know about it, and can't save you, or prevent it from installing itself. Plain logic.
I work on computer systems for a living and have not used an AV solution since 2003, professionally or domestically. And have never had any issues whatsoever. Not once.
And I haven't had my bank details hacked, that old chestnut - lol - and neither have any of my clients. I AM saying keep your systems patched even if they are creaking with M$ sticking plasters. Better yet - as I do - do not use M$ for mission critical systems.
What I am saying 100% is any AV is a waste of space / sys resource. Its a con, and nearly everyone falls for it with the bank details threat. Who's got a million pounds in their current account ?
And the same people who advocate AV on their home PC in case hackers get their last £23.50 before payday quite happily order shit from JustEat and Amazon on their phone completely unprotected. And happily pay for small items via contactless in their local corner shop with complete strangers from lands afar manning the tills.
Some people amaze me with their beliefs and what they actually do to put themselves at risk every day in their lives - but shit their pants if they haven't given McAfee or Kaspersky half of their monthly wages once every year.Last edited by codehound; 11th Sep 2021 at 19:56.
Similar Threads
-
Public Windows PrintNightmare 0-day exploit allows domain takeover.
By El Heggunte in forum ComputerReplies: 1Last Post: 2nd Jul 2021, 18:58 -
Microsoft Edge resets pdf association in Windows 10
By kyrcy in forum ComputerReplies: 17Last Post: 10th Nov 2020, 12:28 -
Google discloses Windows 0-day that’s been under active exploit
By El Heggunte in forum ComputerReplies: 2Last Post: 3rd Nov 2020, 11:05 -
I've had it with Microsoft and Windows 10 !
By joecass in forum ComputerReplies: 40Last Post: 13th Oct 2017, 01:15 -
Microsoft Paint - Alternatives for Such Program in Windows 10
By devilcoelhodog in forum ComputerReplies: 8Last Post: 27th Jul 2017, 19:34