Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions

Discussions of applications and operating systems and any problems, tips or suggestions. Win XP, 9x/2k, Linux, NT, photo editing, Virus/Spyware help
Post Reply
User avatar
FlyingPenguin
Flightless Bird
Posts: 32902
Joined: Wed Nov 22, 2000 11:13 am
Location: Central Florida
Contact:

Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions

Post by FlyingPenguin »

If you defer updates, like me, this is not one to defer. All it takes is to right-click, drag and drop or delete (yes delete!) a malicious file to trigger the exploit.

https://www.securityweek.com/windows-ze ... e-actions/

You can download just the patch for this exploit here, if you prefer not to play Russian Roulette with Windows Update:

https://msrc.microsoft.com/update-guide ... 2024-43451
---
I've gotta say, a Bible signed by the actual anti-Christ, would be a hell of a collector's item.

Image
User avatar
Losbot
Life Member
Posts: 5053
Joined: Sun Jul 13, 2014 8:59 am
Location: South Florida

Re: Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions

Post by Losbot »

Crap. Thanks for the heads up!
------------------------------------------

Image
User avatar
FlyingPenguin
Flightless Bird
Posts: 32902
Joined: Wed Nov 22, 2000 11:13 am
Location: Central Florida
Contact:

Re: Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions

Post by FlyingPenguin »

That manual download is just a bunch of cab files with no installer, so I think it requires a local update server.

I just imaged the drive last week anyway, and I'm 2 months behind on updates, so I just let it catch up.

I'm so sick of MS updates that I may go ahead and install 0patch this month and turn updates off.
---
I've gotta say, a Bible signed by the actual anti-Christ, would be a hell of a collector's item.

Image
User avatar
Executioner
Life Member
Posts: 10187
Joined: Wed Nov 22, 2000 11:34 am
Location: Woodland, CA USA

Re: Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions

Post by Executioner »

Hard to believe how fast time flies. 10 will be EOL in October 2025 or just about 11 months away. I'm planning to stay on 10 on my desktop. My laptop has 11.
I have Windows update always on so I get them as necessary.
Post Reply