Jump to content


Major System Vulnerability Notices

  • This topic is locked This topic is locked
1 reply to this topic

#1 nosoop


    in ur vps, wreckin' ur stuf

  • Members
  • 2762 posts

Posted July 20 2015 - 09:02 PM

I think this would be a nice thread to have just for people to be informed about any major exploits available in their home computers so they can update and stay secure.  (I mean, not to say the server stack shouldn't be disregarded, but that's a small group that doesn't matter much to end-users.  It's not like Shellshock affects casual users, right?)


As the topic is locked, only site administrators (and I) are allowed to post in the thread.


Original text below:




Quick notice to Windows users:  Restart for the July 20th Windows update.


A vulnerability in how Windows loads embedded OpenType fonts (e.g., through web sites and formatted documents) opens up the potential of remote code execution on all currently supported Windows systems (and likely even on those that have been EOL'd).


This vulnerability is posted as Microsoft Security Bulletin MS15-078 and is marked as "Critical".  A kernel-mode driver has the bug, so exploits using it can effectively own your entire system.


The update that patches this flaw is KB3079904 and is marked as an important update.


This is Pretty Bad in terms of vulnerabilities (as much as Flash / Java and not something as easily disabled), so if you have any internet-connected Windows version prior to Vista, you really should go and upgrade or switch to a non-Windows alternative (or disable the OpenType driver, as outlined in the workarounds section of the MSB).

#2 nosoop


    in ur vps, wreckin' ur stuf

  • Members
  • 2762 posts

Posted October 15 2015 - 06:28 PM

Major Flash vulnerability affecting all systems. It's currently fairly low-scope (targeting foreign affairs ministries), but who knows when it'll start spreading. Recommended to uninstall (or at least disable) Flash until the next fix.



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users