Discussion in 'Business & Enterprise Computing' started by PabloEscobar, Dec 11, 2014.
wot service? iis?
Details are being released 10am PDT (ie 3am AEST).
Top tier partners know the details, then next level down have then received a notification about the patch release.
Interesting to note that it says the patch will be for all "supported" versions of Windows, I wonder if they'll still give a bit of amnesty to 2003 users and also patch it.
I normally pilot 2-3 days after release then staged deployment 1-2 weeks later. This time because of all the HT bullshit I accelerated deployment and did critical infrastructure the weekend it weekend just gone.
i thought there was already a RCE for 2k3 that they didnt patch?
So no pre 2008 patches, stupid font subsystem related issues again.
Indeed, interestingly the referred to it as the "Windows Adobe Type Manager". Adobe and Microsoft.... the security kings.
It's the Perfect storm of suck...
Especially given that I can't patch during business hours without user impact .
If I recall the Font Subsystem patches previously released have been buggy as all hell and recalled not long after.
KB3069392 breaks screen sharing in Cisco Webex sessions, but apart from that, everything else seems hunky dory.
Cisco have already released a patch (WBS29.13.34) for this.
Anyone had new updates today getting stuck after a reboot?
You may need to restart the computer two times for 3075222
I think it's actually KB3071756 causing my issues :\
Out of Band IE Patch released this morning.
Drive by code exec (they call it remote, but damned if I am) on almost all IE versions.
Please tell me all this fucking font shit doesn't affect winx?
mother****ing fuck balls.
How the fuck do i uninstall IE11 from my pc.
Like most things 'It Depends'
Endpoint AV should see badthing.exe get written to disk, or executed from memory and stop it. But it probably can't differentiate between iexplore.exe downloading and running badthing.exe and iexplorer.exe downloading and rendering catpicture.jpg
Your UTM may or may not have a rule for this. Contact your vendor with the CVE (CVE-2015-2502) and ask, or google CVE-2015-2502 + your vendor and see - http://www.checkpoint.com/defense/advisories/public/2015/cpai-2015-1007.html is checkpoints advisory on it.
Even if your current threat protection believes it has you covered, you should still be patching ASAP.
SCCM has picked this up already, strange that we haven't seen any weird issues like this getting SCCM to apply updates?
Client-based Endpoint AV is fucking worthless at this point.
Why anyone continues to pay for it is beyond me.
Disagree. Its one of the many layers that make up an effective security solution.
Judging by the number of infected USB sticks, Phones and Cameras our endpoint AV cleanses with fire, I'd say its still has some relevance.
Unless you have the luxury of whitelisting, and/or extreme USB policy, you're foolish not to run it.
I said pay for it.
Not don't have it.
If you want draconian shit like "no usb ever" or what have you - and aren't paying for Win Enterprise client licenses, sure there is a need outside of hurr durr AV.
But if you're actually paying $30-60/seat just to get a pretty report that has .4 seconds of view time by some one who signs the cheques - that money is better spent elsewhere. Fuck I'll send you a powerpoint every month for $10/seat.