NojusK Posted March 30, 2019 Share Posted March 30, 2019 26 minutes ago, Sampei.Nihira said: Hi. Internet Explorer is the biggest weakness in an unpatched OS. It's a big weakness even in patched OS. An example in the recent news: https://thehackernews.com/2019/03/microsoft-edge-ie-zero-days.html Better to take some extra precautions. I seeLooks like time to lock IE after april 9th Link to comment Share on other sites More sharing options...
Vistaboy Posted April 2, 2019 Share Posted April 2, 2019 Sometimes i've tried to disable IE. It was a mess, because other applications (i.e Excel sheets) that must interface with web-pages (data update) become unusable. So i've desisted and get aware that even if you don't use IE, you can delete/disable it from your S.O. I'm really curious about Sampei.Nihira partial attempt can be resolutive of cited dysfunctions. Link to comment Share on other sites More sharing options...
TuMaGoNx Posted April 7, 2019 Share Posted April 7, 2019 I thought Posready was equipped with FBWF/EWF for a reason... with junction.. App virtualizer.. and maybe disk image mounter.. why slowdown the OS with "malware" called heuristic antivirus/HIPS or wahtever? Just kidding Link to comment Share on other sites More sharing options...
Sampei.Nihira Posted April 9, 2019 Author Share Posted April 9, 2019 On 3/30/2019 at 4:03 PM, Sampei.Nihira said: My list of changes to be made after April 9 th: 1) I.E.8 (Script blocking) - F12 -> Disable -> script 2) I.E. 8 (Trick 1803) or OSA Rule for I.E. 3) Control panel -> Pc security center -> Automatic updates -> Disable automatic updates 4) services.msc -> Pc security center -> Stop the service -> Start type disabled 5) service.msc -> Automatic Updates -> Stop the service -> Start type disabled Changes made. Link to comment Share on other sites More sharing options...
dencorso Posted April 9, 2019 Share Posted April 9, 2019 On 3/30/2019 at 12:03 PM, Sampei.Nihira said: 2) I.E. 8 (Trick 1803) or OSA Rule for I.E. Well... what "Trick 1803" is supposed to mean? Link to comment Share on other sites More sharing options...
Sampei.Nihira Posted April 10, 2019 Author Share Posted April 10, 2019 8 hours ago, dencorso said: Well... what "Trick 1803" is supposed to mean? I explained it in the first post of this 3D. There is also an image that shows that the download of the executable file is blocked. 1 Link to comment Share on other sites More sharing options...
Vistaboy Posted April 10, 2019 Share Posted April 10, 2019 (edited) 18 hours ago, Sampei.Nihira said: 3) Control panel -> Pc security center -> Automatic updates -> Disable automatic updates oh no, doing so you'll never know if MS will give an update for POSReady2009 in next years as they did it in 2017 about Wannacry for XP after 3 years of EOS Edited April 10, 2019 by Vistaboy 2 Link to comment Share on other sites More sharing options...
sparty411 Posted April 10, 2019 Share Posted April 10, 2019 2 minutes ago, Vistaboy said: oh no, doing so you'll never know if MS will give an update for POSReady2009 in next years as they did it in 2017 about Wannacry for XP after 3 years of EOS My thoughts exactly. I'll keep automatic updates turned on for now. 1 Link to comment Share on other sites More sharing options...
Sampei.Nihira Posted April 10, 2019 Author Share Posted April 10, 2019 (edited) Disabling scripts in I.E.8 causes the problem highlighted in the example below with Outlook Express: With Scripts enabled: Edited April 10, 2019 by Sampei.Nihira Link to comment Share on other sites More sharing options...
Sampei.Nihira Posted April 10, 2019 Author Share Posted April 10, 2019 @sparty411 @Vistaboy These news would also be reported here. With 2 other services disabled (no longer useful) the OS should also be more responsive. 1 Link to comment Share on other sites More sharing options...
Mathwiz Posted April 10, 2019 Share Posted April 10, 2019 I do find the PC security center pretty useless. Mostly it just (incorrectly) reports that Windows Firewall isn't turned on, or that I have no AV software enabled, for a few minutes during boot-up. As for automatic updates, I still need them for Office 2010, but have long had mine set to "Notify me but don't automatically download or install them." Seems like a reasonable compromise: when the rare update appears, I get the yellow shield, then I click on it and see what's available. Then if I want it, I just download & install it via Microsoft Update; if not, I hide it and the yellow shield goes away. Link to comment Share on other sites More sharing options...
Dave-H Posted April 10, 2019 Share Posted April 10, 2019 Exactly what I do! Link to comment Share on other sites More sharing options...
dencorso Posted April 10, 2019 Share Posted April 10, 2019 On 3/30/2019 at 1:03 PM, someguy25 said: 3) Control panel -> Pc security center -> Automatic updates -> Disable automatic updates That I have done before 1st connecting to the internet, at install time, 12 years ago (and on every subsequent new installation I did on my other machines from SP2 time onwards). Since then I always serached for updates manually, using the "Custom" option. That's how I prevented KB905474 (by hiding it) from installing. After that, on serarching again it offered KB892130, which I accepted. 1 Link to comment Share on other sites More sharing options...
Sampei.Nihira Posted April 12, 2019 Author Share Posted April 12, 2019 (edited) Interesting Internet Explorer zero-day: https://www.zdnet.com/article/internet-explorer-zero-day-lets-hackers-steal-files-from-windows-pcs/ I wonder if the vulnerability can also affect I.E.8. The default application to open MHT files in Windows XP is Internet explorer 8: Pale Moon (and New Moon) requires an extension to be installed to read and write MHT files: https://en.wikipedia.org/wiki/MHTML For the moment I have not installed the extension for New Moon but I have changed the default program to open these types of files: Edited April 12, 2019 by Sampei.Nihira Link to comment Share on other sites More sharing options...
Mathwiz Posted April 12, 2019 Share Posted April 12, 2019 (edited) Here's a link to the MAFF/MHTML add-on for FF 52: http://maf.mozdev.org/installation.html. Click "final version" to download and install. "Previous versions" link appears broken, but previous versions are available via the Classic Add-ons Archive (which is itself an add-on!) Should work on all UXP and Moebius browsers (FF 52.x/PM/NM/Basilisk/Serpent). You can then set your FF-family browser as the default for opening .mht[ml] files as above. If you use the IE Tab 2 extension, make sure to delete the rule that causes .mht[ml] files to open in an IE tab; otherwise they'll still be opened with IE and still be vulnerable to the exploit! Edit: Alternatively, I believe Opera 12.18 will open .mht[ml] files. Not sure about later, Chromium-based versions of Opera. Edited April 12, 2019 by Mathwiz Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now