I did find an entry for Octoshape in Add/Remove to the one machine I have physical access too. But I can't actually find where the EXE's are located.
My Audit program doesn't list the paths of exe's found. (Silly). Does Vipre report a file path for you? From: Eric Wittersheim [mailto:eric.wittersh...@gmail.com] Sent: Friday, February 06, 2009 11:59 AM To: NT System Admin Issues Subject: Re: OT: Warning (watching live video on CNN requires you to install a P2P client) I set Vipre to block the octoshape.exe and it found it on a deep scan. In the article it states that there is an uninstaller for this. On the laptop that I found it on there is not an entry for Octoshape in Add/Remove Programs. On Fri, Feb 6, 2009 at 9:32 AM, Peter van Houten <peter...@gmail.com> wrote: Heads up for those not subscribed to Patch Management (link may wrap): ------------------------------------------------------ On the 05/02/2009 23:49, Brandon Pearson wrote the following: [Moderator's note: Off-topic for discussion, but FYI. We can discuss more when it has a security hole and we need to patch it. :) Also fair disclosure, I'm mentioned in the article. - Ryan] The article is long, but here is the main concept: "Clicking "yes" to a CNN.com dialog box installed a peer-to-peer (P2P) application that uses your Internet bandwidth rather than CNN's to send live video to other viewers." This bothers me. Even if all it is used for is to share the feed out to other users, there's still the issue of bandwidth overhead to deal with. But more concerning is that it might introduce a backdoor into a secure network. As mentioned in the article: "Any Web site you visit that is "Octoshape aware" can invoke the application. If a security vulnerability is discovered in the Octoshape software, hackers could exploit the weakness." http://windowssecrets.com/2009/02/05/01-Watch-a-live-video-share-your-PC -with-CNN > We have already found several systems on our network that have this installed and are taking steps to remove it from the systems now but this could be something you might want to check into on your own networks. --- When posting or replying to messages on this list, please send all emails in plain text format. HTML formatted messages will not be accepted. PatchManagement.org is hosted by Shavlik Technologies To unsubscribe send a blank email to leave-patchmanagem...@patchmanagement.org If you are unable to unsubscribe via this email address, please email owner-patchmanagem...@patchmanagement.org ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
