Re: [Full-disclosure] Downloads Folder: A Binary Planting Minefield



Mitja,
The #1 item on your list of countermeasures should be to advise people to
not run with admin privileges in general and especially when surfing the
web. Your #5 item seems risky to me because the executable won't be updated
if Microsoft issues a patch.

Regards,

Kurt

-----Original Message-----
From: ACROS Security Lists [mailto:lists@xxxxxxxx]
Sent: Friday, February 17, 2012 1:33 PM
To: bugtraq@xxxxxxxxxxxxxxxxx; full-disclosure@xxxxxxxxxxxxxxxxx;
cert@xxxxxxxx
Subject: Downloads Folder: A Binary Planting Minefield


This blog post reveals a bit of our research and provides an advance
notification of a largely unknown remote exploit technique on Windows. More
importantly, it provides instructions for protecting your computers from
this technique while waiting for the affected software to correct its
behavior.

http://blog.acrossecurity.com/2012/02/downloads-folder-binary-planting.html

or

http://bit.ly/wmq00a

Enjoy the reading!


Mitja Kolsek, CEO / @mkolsek

ACROS, d.o.o.
Makedonska ulica 113, SI - 2000 Maribor, Slovenia Tel +386.2.3000.280 Fax
+386.2.3000.282 Web http://www.acrossecurity.com Blg
http://blog.acrossecurity.com Twt @acrossecurity

ACROS Security: Finding Your Digital Vulnerabilities Before Others Do



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/