Two Windows vulnerabilities, one a 0-day, are under active exploitation

Both vulnerabilities are being exploited in broad, wide-scale operations.

See full article...

 

[DaveSimmons]

This can be done by setting the Windows Explorer to disable the automatic resolution of such files.

It could save readers some searching if the article adds a link to instructions for this.

 

[DaveSimmons]

You could just as easily provided the link yourself instead of directing a complaint at me:

https://duckduckgo.com/?q=set+Windows+Explorer+to+disable+the+automatic+resolution+of+.lnk+files

Sorry if that came off as snark or a complaint. I hadn't done the search and waded through any AI slop in the results and I thought you might already have a link that you knew was accurate from researching the story.

 

[DaveSimmons]

I just discovered that the link I put in, didn't make it into the last-published story that went live. It's: https://arcticwolf.com/resources/bl...-zdi-can-25373-vulnerability-to-deploy-plugx/. It doesn't say or link to how you can do that. I didn't have a link handy to a how to when I responded and was out running an errand. I just thought it'd be quicker/easier/more helpful if I just sent a quick link with a reminder that that's where I would have to start. Sorry if that came off wrong.

We do all know how to type a question into a search engine, but these days that can be the start of a long slog. With 30+ years of Windows internet history there's a huge amount of information that stopped working after XP, 7, 8, 10 that still appears in search results.

ChatGPT and such are no better. When I bother to ask them development questions, more often than not I get hallucinations that solve the wrong problem and/or won't even compile. No, ChatGPT. the InstallShield UI hasn't worked that way for over a decade and your PowerShell code just errors out as an MSI custom action.

I tried to say (perhaps not very clearly) that if you had working instructions then posting a link to them would've saved us readers some duplicated effort. If not, then saying so was all you needed to do.

 

[DaveSimmons]

How about recognizing that it's late on a Friday night (and Halloween at that) and give him a little grace. Especially as he came back well outside working hours to apologize to that specific arsian in the very comment you quoted.

Yes, I think the "let me google that for you" initial response wasn't helpful but I'm not outraged or asking to speak with his manager Karen-style

 

[DaveSimmons]

For the .lnk issue, there's no real mitigation. They could fix the Windows 95-era interface to make it more obvious what's being run, but the real issue is a user executing malware and should be addressed from that perspective - user education, malware scanning, etc.

The WSUS issue has a patch.

That would also have been fine to say in the article. A link to a fix or noting that there is no fix would both be more helpful than having us all duplicate the effort to search.