6/16/2010

10 Responses to “Note to Windows XP Users”

1. Many thanks!

   Dmac (3d61d9) — 6/16/2010 @ 7:40 am

   
   

2. Hmm, I thought that Google’s motto used to be “Do no evil”. Considering that not only did the Goog-droid make the flaw public on short notice, but also released source code for the exploit (see the article at Slashdot for more), I suspect they ought to apply some Hope-n-change to things.

   Note: Slashdot is a decidedly un-friendly-to-Microsoft place, but this is a bit over the top even for their readers.

   Red County Pete (c99a43) — 6/16/2010 @ 8:19 am

   
   

3. I appreciate your posting this, DRJ. Important safety notifications in addition to sparkling commentary and smart commenters. This is why Patterico is such a “go-to” site. Thanks.

   elissa (c5c6b8) — 6/16/2010 @ 8:21 am

   
   

4. Questions for the techno pros here:

   I never heard of this Dwight Silverman fellow before, but I assume DRJ or some of our website support have a high confidence level in what he says. true??

   Is it conceivable that usually visited sites, like this one, could have an infected link or pop-up ad infiltrate the site without the host’s knowledge?

   I have a choice to download a just made software patch for a just discovered problem, or to not click on things I normally wouldn’t click on anyway. I think I’ll wait at least 24 hours to see if Mr. Silverman has info on whether computers are crashing trying to apply the fix

   “To err is human, to really mess things up takes a computer.” (And to cause utter chaos and anarchy takes an expansive computer network).

   MD in Philly (5a98ff) — 6/16/2010 @ 8:36 am

   
   

5. Good point, MD. My link is to the Houston Chronicle Tech blog and he links a Microsoft website for the short-term fix, but I can’t guarantee the reliability of any of them.

   DRJ (d43dcd) — 6/16/2010 @ 8:53 am

   
   

6. If you are comfortable doing regedits, simply export the HKEY_CLASSES_ROOT/HCP registry entry, and save it somewhere, and then delete the entire HCP entry.

   If you do encounter any issues with this, you can simply import the key back, and you’re restored.

   This is the manual fix recommended by Macroshaft, or they do have a script deployed to do this for you.

   NavyspyII (df615d) — 6/16/2010 @ 9:47 am

   
   

7. “Is it conceivable that usually visited sites, like this one, could have an infected link or pop-up ad infiltrate the site without the host’s knowledge?” Yes. NYT has had this problem. among others. Third party ads are often the source.

   Sensible browsing habits are probably the single greatest protection, even so. Fixes are usually chasing the curve. Keep systems and applications patched up as much as possible (and carefully, pro-actively, not reactively based on some popup notice!) and be aware of what you’re clicking and why.

   Dan S (b5ccb6) — 6/16/2010 @ 1:05 pm

   
   

8. I use Adblocker in addition to AVG, and for the most part no problems have been experienced.

   Dmac (3d61d9) — 6/16/2010 @ 1:14 pm

   
   

9. Thanks everyone for your input. Like many people, I struggle between knowing enough to get into trouble :-0 and knowing enough to get by.

   NYT I assume is a pretty “busy” website. How possible is it that the problem would infiltrate here, or PowerLine, for example?

   MD in Philly (5a98ff) — 6/16/2010 @ 1:54 pm

   
   

10. From what I’ve seen, a fair amount of malware is sneaking into adverts, perhaps frequently, unknown to all the parties, including the advertiser. I’ve been using Malwarebytes Anti-Malware (heard it recommended in a Symantec thread–the word was that the support techs would use it to scan for and clean virii that Norton couldn’t clear) and it occasionally tells me it blocked access to a dubious site. This is on my normal browsing pattern, where the raciest stuff is Robert McCain’s. 🙂

    The usual good practice is to keep your system and browser updated (a pain on dialup, but I do it), use adblockers and/or Noscript (i use both) and watch out where you are surfing.

    Red County Pete (9b9971) — 6/16/2010 @ 3:22 pm