Danger Sampei Nihira Security Config WinXP (POS Ready2009) 2020

[Sampei Nihira]

This Zero-Day almost certainly also affects I.E.8:

Microsoft Patches Actively Exploited Internet Explorer Zero-Day

Microsoft released security updates to patch an actively exploited zero-day remote code execution (RCE) vulnerability impacting multiple versions of Internet Explorer. https://www.bleepingcomputer.com/news/security/microsoft-patches-actively-exploited-internet-explorer-zero-day/

malwaretips.com

I entered a rule for the total block of I.E.8.

 

[Sampei Nihira]

Now that I have some free time I have done a test to check the CVE-2020-0674 vulnerability in my I.E.8.
I found the test file thanks to 0Patch:

Micropatching a Workaround for CVE-2020-0674

A Kill Switch for Vulnerable jscript.dll by Mitja Kolsek, the 0patch Team Last Friday, Microsoft published an advisory about a r...

blog.0patch.com

To make the test after the creation of the HTML file I had to make 2 changes:





but the result is unexceptionable:



I.E.8 is vulnerable.
I did well to take the countermeasures already mentioned .

P.S.

I would like to advise users who have multiple browsers installed to check which is the default browser that opens the HTLM and HTM files and possibly change this setting with the browser they consider more secure.

 

[ForgottenSeer 823865]

Home users doesn't need IE anyway, better remove it.

 

[Sampei Nihira]

Home users doesn't need IE anyway, better remove it.

There are those who say that the removal of I.E.8 is possible in Windows XP.
I believe it is inadvisable to remove I.E.8.
Why Trident in Windows XP is used in multiple software.
And this is easy to avoid, just don't use them.
But it is also used:

..... in Windows XP it is also used for the User Accounts Control Panel, which is an HTML Application ......

Trident (software) - Wikipedia

en.wikipedia.org

And this cannot be ignored.


Indeed, since the command below is configured as an HTML application, I placed it under anti-exploit protection

Control.exe nusrmgr.cpl

Control Panel (Windows) - Wikipedia

en.wikipedia.org

 

[ForgottenSeer 823865]

Now I remember why I never like XP haha.

 

[Sampei Nihira]

With my XP, however, I don't have to worry about new forms of attack that are increasingly incisive:

Building a bypass with MSBuild

By Vanja Svajcer. NEWS SUMMARY * Living-off-the-land binaries (LoLBins) continue to pose a risk to security defenders. * We analyze the usage of the Microsoft Build Engine by attackers and red team personnel. * These threats demonstrate techniques T1127 (Trusted Developer Utilities) and...

blog.talosintelligence.com

I would say an attack on several fronts which, in my opinion, could bypass some of the security configurations included in this sub-forum.



P.S. Precautionarily I added a rule for blocking MSBuild. *

 

[Sampei Nihira]

CCleaner ver. v5.64.7613, release today, no longer supports Windows XP (and Windows Vista).
There is a special version of CCleaner 5.64.7577 which can be downloaded on the page below:

Which versions of CCleaner work with Windows XP or Vista?

If you are on Windows XP or Vista, you can use CCleaner version 5.64. Download our slim build. Note: We only update this version with critical security updates. XP and Vista and the increased risk ...

support.piriform.com

This version will only ever receive critical security updates.

 

[Sampei Nihira]

Today some free time.
I entered my customizations in ccleaner ver 5.64.
I insert some pictures:

Start:


New Moon 28 which is recognized as Firefox (I don't have Firefox installed), note the custom rules marked with *


Interlink Mail New + Potplayer +MBAE:

 

[Sampei Nihira]

Added CCleaner blocking rule to the host file for CCleaner advertisement which made its appearance despite my rather stringent settings.

 

[Ink]

You can use a $300 smartphone, but cannot replace an insecure OS for a cheap and secure Chromebook, or Low-End Windows 10 S device.

Microsoft Surface Go is sub-$400.
Chromebooks are as low as $200.

This thread is a joke and an embarrassment.

All opinions are my own.

 

[Sampei Nihira]

You can use a $300 smartphone, but cannot replace an insecure OS for a cheap and secure Chromebook, or Low-End Windows 10 S device.

Microsoft Surface Go is sub-$400.
Chromebooks are as low as $200.

This thread is a joke and an embarrassment.

All opinions are my own.

I can't replace it because besides the pc with W.XP we also have another pc with W.10.
I wrote it several times.
It was enough to read.
So your replacement advice is as useless as your comments.

 

[Ink]

I can't replace it because besides the pc with W.XP we also have another pc with W.10.
I wrote it several times.
It was enough to read.
So your replacement advice is as useless as your comments.

You have 2 PCs. You deliberately chose to share a controversial topic.

There are 10 pages of nonsense. No one is going to read a dead product thread.

Windows XP is no longer supported by Microsoft.

 

[LDogg]

Usage of IE 8 should ring some alarm bells and shouldn't be used at all, regardless of what you're doing. Same for XP, again unless you're a company, hospital, or an organisation with critical infrastructure, there's no need to be using Win XP.

When upgrading to Win 7 (optional, not forcing you), backup everything or the essential stuff.

~LDogg