Microsoft: 10,000 PCs hit with new XP 0day attack

[Blitzen]

http://www.itworld.com/security/112660/microsoft-10000-pcs-hit-new-xp-0day-attack?source=itw_rss&utm_source=twitterfeed&utm_medium=twitter

IDG News Service — 
Nearly a month after a Google engineer released details of a new Windows XP flaw, criminals have dramatically ramped up online attacks that leverage the bug.

Microsoft reported Wednesday that it has now logged more than 10,000 attacks. "At first, we only saw legitimate researchers testing innocuous proof-of-concepts. Then, early on June 15th, the first real public exploits emerged," Microsoft said in a blog posting. "Those initial exploits were targeted and fairly limited. In the past week, however, attacks have picked up."

The attacks, which are being launched from malicious Web pages, are concentrated in the U.S., Russia, Portugal, Germany and Brazil, Microsoft said.

PCs based in Russia and Portugal, in particular, are seeing a very high concentration of these attacks, Microsoft said.

According to security vendor Symantec, these attacks peaked late last week. "Symantec has seen increased activity around this vulnerability. The increased activity started around June 21 and peaked around June 26 and 27," a company spokesman said via instant message Wednesday. Attacks have leveled out since then, he added.

Criminals are using the attack code to download different malicious programs, including viruses, Trojans and software called Obitel, which simply downloads more malware, Microsoft said.

The flaw that's exploited in all of these attacks lies in the Windows Help and Support Center software that comes with Windows XP. It was disclosed on June 10 by Google researcher Tavis Ormandy. This Help Center software also ships with Windows Server 2003, but that operating system is apparently not vulnerable to the attack, Microsoft said.

Ormandy was criticized by some in the security community for not giving Microsoft more time to patch the flaw, which he disclosed to the software vendor on June 5. He released details of the bug five days later, apparently after failing to convince Microsoft to fix the issue within 60 days.

In a security advisory released June 10, Microsoft outlines several ways to turn off the Windows Help Center Protocol (HCP).

Microsoft's next set of security updates are due July 13.

[Max™]

Yes indeed, this is bad news, some people rely on help and support within windows xp,
personally i dont, i disabled mine years ago as not needed.

[White Stripes]

...and they are wating till the 13th to send the patch? o.O

[Trestor]

In this link MS talks about the problem: http://www.microsoft.com/technet/security/advisory/2219475.mspx

In this link MS offers a patch to fix it (which I think disables the Help function): http://support.microsoft.com/kb/2219475

[White Stripes]

Users and programs can execute URL links to Help and Support Center by using the "hcp://" prefix in a URL link instead of "http://".

What is the HCP Protocol?
Similar to the HTTP protocol which is used to execute URL links to open a Web browser, the HCP protocol can be used to execute URL links to open the Help and Support Center feature.

Are third-party applications affected by this issue?
Yes. Third-party applications, primarily Web browsers, are affected by this issue if they are capable of handling the HCP protocol.

What causes this threat?
The Windows Help and Support Center does not properly validate URLs when using the HCP Protocol.

........

Impact of Workaround: Unregistering the HCP protocol will break all local, legitimate help links that use hcp://. For example, links in Control Panel may no longer work.

(emphasis mine)

erm ...may not want to apply that patch cos it doesnt specify exactly what in control panel (hcp also does logo checks and online updates for drivers as an example) quits working...
id advise keeping a sharp eye out for 'hcp://' urls on the web...

..ofc that may not be feesable (i.e. "grandmas computer") so... end users call on that one...

(edit: clarity)

[Bieb]

Just another reason to switch to windows 7....

get away from the almost decade old outdate os already.

[White Stripes]

win7 has just as many problems... just in different areas...

[Blitzen]

Thanks for the link Trestor, ive run the fix and now await the permanant fix on 13th July ......... luckily at the moment my country does not seem to be one of the main ones being targeted yet

[Bieb]

win7 has just as many problems... just in different areas...

Windows 7 is at least fully supported by Microsoft. Windows XP is at the very end of its life and I expect many developers to stop supporting it on their applications sooner rather than later. Windows 7 runs much better than xp ever did.

[Max™]

to be honest, ive heard of problems with win 7 the dame as vista has problems,
i know a room host on here crashes every day if she dont reboot every day, shes on vista,
i know another, she would crash every day, sometimes more than once, and that started the day after she installed win 7

[Bieb]

to be honest, ive heard of problems with win 7 the dame as vista has problems,
i know a room host on here crashes every day if she dont reboot every day, shes on vista,
i know another, she would crash every day, sometimes more than once, and that started the day after she installed win 7

Could be people who "upgrade" instead of doing a fresh install.

I have run windows  7 over a month without any crashing of any kind.

[Pri]

I'm using Windows Server 2008 R2 which is basically Windows 7 with a control panel for server roles. And my current uptime on my room is 78 days.

All the major operating systems can host a stable room for months.

[Lagerlout666]

DRIVERS!!!!!!!!

Win7 64bit, amd x3 2 gig ram(which is low i know) runs like a dream, far better than vista ever did and i had 4 gig ram then.

[White Stripes]

Windows 7 runs much better than xp ever did.

you buying the disc for me? .... or the new hardware? ... win7 may be installable on a p3 (w/ 256mb ram) but i bet it doesnt run too well... (if it aint broke... dont fix it.. if its end of life... time to switch to linux...)

that being said win7 is nice ... background defrag.. the 'superbar' ... UAC that... while annoying as hell allows install as admin but run as user (running as root in linux is a no no.. took MS creating user annoyance control to get vendors to figure this one out for windows... unfortunatly older apps... such as winmx... arent so happy about it...) amongst many other usefull things... (too many to list basically)...

...that being said however... by 2014 when xp is nolonger supported in any form... i plan to have either linux with wine or reactos (if its to a useable point) installed on what used to be the one-token windows box... i dont see win7 as 'worth it' for my own uses...

[Bieb]

Windows 7 runs much better than xp ever did.

you buying the disc for me? .... or the new hardware? ... win7 may be installable on a p3 (w/ 256mb ram) but i bet it doesnt run too well... (if it aint broke... dont fix it.. if its end of life... time to switch to linux...)

that being said win7 is nice ... background defrag.. the 'superbar' ... UAC that... while annoying as hell allows install as admin but run as user (running as root in linux is a no no.. took MS creating user annoyance control to get vendors to figure this one out for windows... unfortunatly older apps... such as winmx... arent so happy about it...) amongst many other usefull things... (too many to list basically)...

...that being said however... by 2014 when xp is nolonger supported in any form... i plan to have either linux with wine or reactos (if its to a useable point) installed on what used to be the one-token windows box... i dont see win7 as 'worth it' for my own uses...

 Winmx runs just fine on windows 7. Windows 7 is made for computers with large amounts of ram and powerful processors because that's what is being sold right now... Computers with 4 to 4 gigs of ram and faster processors.  It may not be good for your ancient system but for the rest of the consumer market who has the latest and new stuff it works far better than any previous version of windows ever did. You can't move on from the past if you don't change....

[GhostShip]

As long as moving on is done for a valid reason and not just to get bragging rights over your acquaintance's who actually just think you got more money than brains.

The simple fact of the matter here is that an older windows operating system is still the most used and most popular and thus most likely to work well for longer, downgrading to whatever O/s vendors want to sell you is hardly a reason to change anything, I cant think of anything I need that XP does not offer, perhaps not all folks can say that but the stats show its the view of the majority.

[Blitzen]

The only reason i could see the majority of  people changing their xp to windows 7 is when microsoft stop supporting xp because as this article shows security issues still arise in xp and if it is no longer supported then your system becomes vunerable. As long as xp is supported i will still use it on some of my systems, i already have win 7 on other systems that use to have vista and i personaly like win 7 but iam also in the same boat of only changing when i have too.

[Max™]

Blitzen, and everyone,
basically, microsoft already stopped supporting XP, the help and support is mostly a database,
the windows updates some people still do with XP is only updating microsoft's own security holes in internet explorer,
there hasnt been any XP updates since service pack 3, still people try to use windows update, and as in quite a few threads we have seen, XP users have been getting 'blue screen' and other problems only affecting XP, not Vista or win 7 (possibly deliberate)
i like XP and i use Firefox due to being 100% safer than internet explorer.

[Blitzen]

Seems Firefox is now also attracting the wrong kind of attention too max

http://news.techworld.com/security/3221233/bank-theft-trojan-aims-at-firefox-users/

[Pri]

The simple fact of the matter here is that an older windows operating system is still the most used and most popular and thus most likely to work well for longer, downgrading to whatever O/s vendors want to sell you is hardly a reason to change anything, I cant think of anything I need that XP does not offer, perhaps not all folks can say that but the stats show its the view of the majority.

Few reasons I use Windows 7 over XP.

1. Supports TRIM for SSD's (Without it, SSD's will become so slow within a years use it negates the purchase)

2. Windows XP 32-bit only supports 4GB of addressable memory. Under XP with my system only 2.5GB of my 12GB of memory is usable. 64-bit Windows is to buggy to use.

3. Windows 7 64-bit has better security including only supporting signed drivers making it harder for rootkits to get kernel level access. It also includes memory remapping and randomization to hinder injection attacks.

4. Direct X 10 / Direct X 11. Both of which enable higher fidelity graphics than DX9.

5. Upgraded DXVA which allows High Definition Videos within VLC / Media Player Classic to be decoded using the GPU resulting in only 1-2% of the CPU being used even with 20GB 1080p High Definition files

6. Supports better power management including granular power profiles for PCIe devices, raid arrays, usb and more.

7. Better multithread support. The thread handling services built in to XP is really not designed for the 4-8 thread processors shipping today.

8. 3TB Hard Disk Support. If you have a Windows XP machine you are limited to using 2.1TB Hard Disks. It only supports a 32-bit LBA addressing system which taps out at 2.1TB. The new Seagate 3TB drive that was just announced? Sorry your out of luck.

9. Doesn't support the new 4K Sector size disks without performance penalties and drive specific support. Like those 1.5 or 2TB drives? Better get them now because as more companies switch to larger sector sized drives you'll be out of luck (again)

10. Built in backup system that is set and forget and actually works very well over a Network or External Hard Disk.

11. Resolution Independence. As more people begin to buy larger and larger DPI screens it is important to have an operating system capable of resolution independent graphics. Windows 7 has this built in. For those not aware this allows things on the screen to scale correctly to the size of your display so that if you have a 20" display with a super high resolution like 4096x2560 then things don't look really tiny, but also don't look pixelated when 'resized'.

12. Direct Compute. This is a new technology which allows hundreds of cores present in all the latest graphics cards to be used for processing C and C++ code. Competing technologies CUDA, STREAM and OpenCL are also supported under Vista and Windows 7. Support under XP for these things are sketchy at best. Why is this important? It is the difference between encoding a movie in 30 minutes on your CPU and 2 minutes on your Graphics Card.

13. No GUID Partition Table support. This is a very important and required feature if you want to make partitions over 2.2TB in size. MBR tops out at 2.2TB. Now above you saw me mention the LBA limit for single Hard Disks. But this GUID partition support is separate to that issue you see lets say you have 3x1TB in a RAID0 array (not recommended but just for this example) on XP you would have to split that in to two separate partitions because the MBR cannot physically allow one partition over 2.2TB in size. This is why Windows Vista and Windows 7 support GUID Partitions as opposed to MBR. The limit with GUID? 9.4 ZB. Yes Zettabyte.

These are just some of the reasons why I switched. There are many others. If you don't personally care about any of this stuff ^ then stick with XP by all means. But for what I do with my computer XP stopped being viable. It simply has to many limitations.