Jump to content
SAU Community

Recommended Posts

Another one here for a whole lot of characters appearing when clicking on an image.

Also noticed when i first logged in today this site wanted to install an Active X control, some Microsoft Data something or other. I didnt install it as i didnt see a notice to say that it was okay to run on the bulletin board.

Some of the fonts are showing up larger than they usually do aswell

Are these related?

I still can't upload images into private messages.

I browse, double click and the image name appears but when I ckick on add attachment it goes to a blank page rather than show the attachment in the pm.

Anyone else have this problem or have I picked up a virus or something?

i stil cant upload, and now i cant even login to msn.. that dsb.exe must have infected my pc, and now i feel like taking SAU to court.. :\

lol, if you read the conditions when you join the site there is a bit in there about SAU not being liable for such actions as you should have adequate protection.

lol, if you read the conditions when you join the site there is a bit in there about SAU not being liable for such actions as you should have adequate protection.

im just mucking around, relax.. but i suggest u get someone to fix this crap.. the exploit is still there..

We realise there is an issue.

Its a lot harder to fix something than you realise because there are limited people with access.

And the people with access are busy, they have thier own personal lives as SAU Admins/Mods are unpaid...

If your own PC is correctly protected then you wont have an issue.

Please be patient. Constantly posting about the fact it isnt fixed, simply is not going to help the issue especially when your not even a donor :D

For the exploit to work it *needs* Microsoft XML Core Services to be installed. Microsoft XML Core Services are not installed by default on Windows XP, but there seems to be a lot of packages using it, Visual Studio appears to be one common one. You can check in the Add or Remove Programs applet if you have it installed.

> The exploit works in both IE6 and IE7, which makes sense since it's exploiting a vulnerability in an ActiveX object, not in the browser itself. When executed the exploit creates an MSXML 4.0 ActiveX object (88d969c5-f192-11d4-a65f-0040963251e5). It then uses multiple setRequestHeader() method calls to execute shellcode which is included with the exploit. Once executed the shellcode (of course) first downloads the first stage downloader. At the moment it's a file called tester.dat:

16ac9982d177a47a20c4717183493e95 tester.dat

This downloader then downloads subsequent files (yet to be analysed). It looks like some AV vendors are beggining to detect the exploit. At this moment it is being detected by McAfee as Exploit-XMLCoreSrvcs and Symantec as Bloodhound.Exploit.96*. Microsoft also detects it as Exploit:HTML/Xmlreq.A. The best protection, is to prevent the XMLHTTP 4.0 ActiveX Control from running in Internet Explorer, as stated in Microsoft's advisory: http://www.microsoft.com/technet/security/...ory/927892.mspx ."

* http://www.symantec.com/security_response/...-110611-5730-99

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Similar Content

  • Latest Posts

    • Hey guys,  Way back when (about 15yrs plus), I picked up a beautiful set of Tein 'Super Racing Spec Circuit Master RE' coilovers from Russman. I have legit never fitted them to my car, as it was garaged indefinitely while i bought a house Yada Yada. They look brand new! Anyway its time to pick up where I left off, and have started doing some khanacross and am booked in for a hill climb next month. The car has some hard af Nismo shocks in ATM, which has me wanting to upgrade again, and now I am left wondering if it's worth having these teins rebuilt? I think they where an ok shock back then, but how do they compare to what's on the market now?  Shockworks/mca are 2800+, and I am sure they are great. But if I can have these rebuilt and be better than, say, a set of bc's for around the cost of bc's, I would be happy with the performance v cost trade off.  If they are considered outdated and rubbish these days, so be it, I'll put them on the shelf and be happy to look at the pretty green colour while I save for the SW/MCA option. Grateful for your thoughts on the matter, and suggestions on who could do the rebuild if it's a worthwhile pursuit.  cheers, Rowdy. 
    • I can't speak for the US, but for Canada as I mentioned above, all fuel gases contain ethanol. We have regulations for E5/E10/E15. Each province handles it differently but basically any fuel gases sold must be E10 and slowly increasing to E15 by a certain year. 
    • Hey guys, Purchased and drove up new wheels from Vic last weekend. Car never been registered in Aus before. Only thing was aware of was pod filter which reverted back to stock. Went to get blue slip in western sydney. Everything with car fine (compliance etc) and knocked back for coilovers. Was told illegal and need engineering cert. Called the certifier they recommended and was told at min $1000 to certify them. I was then told HP can STILL defect you even with them certified. All this was news to me. Is this just a case of deal with pay the $1000 and run the risk? Kind of nuts given the amount of people running with coils I know of. No one I know has OEMs to use to pass, either.
    • Welcome mate. Best Stagea is best Stagea. How is it driving a correct hand drive vehicle driving on the right? The Japanese do the opposite here and they've made parking boom gate ticket things on both sides to cater for LHD and RHD cars, as there's so many of them (mostly German but there are quite a few American cars too).
    • So of these and these, which ones have ethanol in them? 
×
×
  • Create New...