Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

TDSS/ TDL4 / Aleuron & MS Security Update KB2347290


  • Please log in to reply
3 replies to this topic

#1 crazypctech2010

crazypctech2010

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:04:32 PM

Posted 16 December 2010 - 09:11 AM

Hello,

I have been researching all over the internet and I am wondering if anyone here has a solid answer on this.

According to Symantec and other security vendors TDL4 attacks by executing a privilage escalation on the Print Spooler Service. My understanding is the Stuxtnet Worm does the same thing and now TDL4 is using techniques Stuxnet did to infect computers.

If this is the case does the Microsoft security bulletin and update KB2347290 if installed stop TDL4 dead in its tracks or can you still be infected even if that update is installed ? http://support.microsoft.com/kb/2347290

Any information would be greatly appreciated

BC AdBot (Login to Remove)

 


#2 crazypctech2010

crazypctech2010
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:04:32 PM

Posted 18 December 2010 - 02:34 PM

IS their no one that can help me ?

#3 1972vet

1972vet

  • Malware Response Team
  • 1,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midwest U.S.A.
  • Local time:04:32 PM

Posted 22 December 2010 - 03:46 AM

Depends on what operating system and printer you're talking about. I actually discovered the vulnerability in the print spooler long before Microsoft announced anything about it...but then, I have a lexmark so it was easy to spot. If you are worried about it, the work around is simple. Just turn off the print spooler. If you want to print something, you must turn it back on manually. Keeping everything updated along with your on board security products is your best defense. And...unless you are talking about corporate systems, I wouldn't worry too much about stuxnet.

Disabled Veteran, U.S.C.G. 1972 - 1978
mvpsigpic.jpg
2009 - 2013

Member: U.N.I.T.E.
Performance and Maintenance for Windows XP, Windows Vista and Windows Seven


#4 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:05:32 PM

Posted 25 December 2010 - 01:21 PM

I'm crazy about updating my system, and I've never been hit with anything OS flaw related.

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users