Windows 10: finger.exe Vulnerability affecting all Windows Operating Systems, potential mitigation?

Discus and support finger.exe Vulnerability affecting all Windows Operating Systems, potential mitigation? in AntiVirus, Firewalls and System Security to solve the problem; Dear Microsoft Community, I would be interested to hear your response to possible mitigation against the use of finger.exe to download malicious code... Discussion in 'AntiVirus, Firewalls and System Security' started by mycs, Jan 27, 2021.

  1. mycs Win User

    finger.exe Vulnerability affecting all Windows Operating Systems, potential mitigation?


    Dear Microsoft Community,


    I would be interested to hear your response to possible mitigation against the use of finger.exe to download malicious code as described in the following:

    https://www.bleepingcomputer.com/news/security/windows-10-finger-command-can-be-abused-to-download-or-steal-files/
    https://www.bleepingcomputer.com/news/security/windows-finger-command-abused-by-phishing-to-download-malware/
    https://vuldb.com/?id.161165


    As far as I know finger.exe isn't used much by people, therefore I have on my personal machines tried the following to mitigate:

    1 Change permission of c:\windows\system32\finger.exe from Trusted Installer ownership to administrators.
    2 Rename to finger.exe.old

    What are your thoughts?

    :)
     
  2. t0yz Win User

    Mitigating the last "L1 terminal fault" vulnerabilities - possible or not?

    I've read that, thanks.

    If what you saying is true, this is a departure from how previous vulnerabilities were described, and just adds confusion. The previous way of doing it made far more sense, you could see if the necessary hardware (microcode) was there and if the mitigation
    is enabled&working.

    With this formulation, it suggests that the hardware is vulnerable, and that's it. Yes you applied the mitigations, but... hardware is still found to be vulnerable.

    The whole reason we apply these mitigations is to patch the vulnerable hardware and achieve a non-vulnerable state. You don't want to see that you're still vulnerable with all mitigations in place.
     
  3. Yukikaze Win User
    WPA2 Vulnerability Found

    A small update with regards to the Microsoft fix. The fix itself is sufficient to solve the issue on Windows, even if your WiFi device has no driver update, with one caveat:

    Does this security update fully address these vulnerabilities on Microsoft Platforms, or do I need to perform any additional steps to be fully protected?
    The provided security updates address the reported vulnerabilities; however, when affected Windows based systems enter a connected standby mode in low power situations, the vulnerable functionality may be offloaded to installed Wi-Fi hardware. To fully address potential vulnerabilities, you are also encouraged to contact your Wi-Fi hardware vendor to obtain updated device drivers. For a listing of affected vendors with links to their documentation, review the ICASI Multi-Vendor Vulnerability Disclosure statement here: http://www.icasi.org/wi-fi-protected-access-wpa-vulnerabilities

    Source: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080
     
    Yukikaze, Jan 27, 2021
    #3
  4. Brink Win User

    finger.exe Vulnerability affecting all Windows Operating Systems, potential mitigation?

    BootHole vulnerability in Secure Boot affecting Linux and Windows

    Read more: https://eclypsium.com/2020/07/29/the...e-in-the-boot/
     
    Brink, Jan 27, 2021
    #4
Thema:

finger.exe Vulnerability affecting all Windows Operating Systems, potential mitigation?

Loading...
  1. finger.exe Vulnerability affecting all Windows Operating Systems, potential mitigation? - Similar Threads - finger exe Vulnerability

  2. Microsoft publishes mitigation instructions for Downfall vulnerability in Windows

    in Windows 10 News
    Microsoft publishes mitigation instructions for Downfall vulnerability in Windows: Microsoft published a support article about the recently disclosed CVE-2022-40982 vulnerability, commonly referred to as Downfall, that affects Windows devices. The vulnerability was disclosed earlier this month. It affects several Intel processor versions and all supported...
  3. If forbidden copy.exe and move.exe in gpedit, will it affect window system operating?

    in Windows 10 Software and Apps
    If forbidden copy.exe and move.exe in gpedit, will it affect window system operating?: If forbidden copy.exe and move.exe in gpedit, will it affect window system operating? https://answers.microsoft.com/en-us/windows/forum/all/if-forbidden-copyexe-and-moveexe-in-gpedit-will-it/1414e8fa-de8b-4005-8fb3-26e192513335
  4. If forbidden copy.exe and move.exe in gpedit, will it affect window system operating?

    in AntiVirus, Firewalls and System Security
    If forbidden copy.exe and move.exe in gpedit, will it affect window system operating?: If forbidden copy.exe and move.exe in gpedit, will it affect window system operating? https://answers.microsoft.com/en-us/windows/forum/all/if-forbidden-copyexe-and-moveexe-in-gpedit-will-it/1414e8fa-de8b-4005-8fb3-26e192513335
  5. About emulating SCSI and Vulnerabilities mitigation fixes

    in Windows 10 Performance & Maintenance
    About emulating SCSI and Vulnerabilities mitigation fixes: I've been trying to emulate SCSI on Win10 1903 and it seems that Windows now blocks that type of thing. After a lot of researching I found a workaround to make this possible: Code: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]...
  6. Does BlueKeep affect Windows 7 Operating System?

    in AntiVirus, Firewalls and System Security
    Does BlueKeep affect Windows 7 Operating System?: Would appreciate knowing even though I am about to update my system to Windows 10. Thanks in advance to any kind soul who responds! Sincerely, Bill L. Ph.D Retired Professor of Philosophy...
  7. Potential security vulnerabilities in Intel firmware

    in Windows 10 News
    Potential security vulnerabilities in Intel firmware: Intel ID: INTEL-SA-00191 Advisory Category: Firmware Impact of vulnerability: Escalation of Privilege, Denial of Service, Information Disclosure Severity rating: HIGH Original release: 03/12/2019 Last revised: 03/12/2019 Summary: Multiple potential security vulnerabilities...
  8. Guidance to mitigate unconstrained delegation vulnerabilities

    in Windows 10 News
    Guidance to mitigate unconstrained delegation vulnerabilities: Executive Summary Active Directory Forest trusts provide a secure way for resources in a forest to trust identities from another forest. This trust is directional; a trusted forest can authenticate its users to the trusting forest without allowing the reverse.  A...
  9. Mitigating the last "L1 terminal fault" vulnerabilities - possible or not?

    in AntiVirus, Firewalls and System Security
    Mitigating the last "L1 terminal fault" vulnerabilities - possible or not?: Hello, So I have a 8700K and MSI Z370 with the last BIOS (and also the last, and necessary microcode update - see picture). I have installed the OS patch (Windows 10 x64). Yet the PC is still vulnerable, I can't figure why. This is from the perspective of a normal...
  10. Mitigating speculative execution side channel hardware vulnerabilities

    in Windows 10 News
    Mitigating speculative execution side channel hardware vulnerabilities: On January 3rd, 2018, Microsoft released an advisory and security updates related to a newly discovered class of hardware vulnerabilities involving speculative execution side channels (known as Spectre and Meltdown) that affect AMD, ARM, and Intel CPUs to varying degrees. If...