Windows has a 17 year old un-patched vulnerability

Discussion in 'Apple, Inc and Tech Industry' started by *LTD*, Jan 20, 2010.

  1. *LTD* macrumors G4

    *LTD*

    Joined:
    Feb 5, 2009
    Location:
    Canada
    #1
    http://www.neowin.net/news/windows-has-a-17-year-old-un-patched-vulnerability

    http://www.h-online.com/security/news/item/Windows-hole-discovered-after-17-years-908917.html

    Windows has a 17 year old un-patched vulnerability
    By Benjamin Rubenstein

    When it comes to updating security threats and bugs in their operating systems, Microsoft is, for the most part, pretty good about it. True, there are threats here and there that get overlooked, but eventually, Redmond takes care of them... except in this case.

    The H Security points out that Microsoft has ignored a security hole in Windows since the release of Windows NT 3.1 in 1993. This vulnerability is present in all 32-bit Windows operating systems since then. The problem exists due to a flaw in the Virtual DOS Machine (or VDM), which was used to support 16-bit applications. The flaw allows for a 16-bit program to manipulate the kernel stack of processes. The site notes that "this potentially enables attackers to execute code at system privilege level," making this a real threat to system security.

    The vulnerability was discovered by a member of the Google security team, named Tavis Ormandy. The hole was tested and found to still be present in Windows XP, Server 2003, 2008, Vista, and 7, and can be used to open a command prompt "in the system context, which has the highest privilege level." Ormandy says that he informed Microsoft of this hole back in 2009, but they have yet to fix it. The work around for it happens to be pretty simple; all you have to do is disable the MS-DOS subsystem. It's advised that all companies patch the hole, especially now that the vulnerability is public knowledge. Turning this off should not affect any compatibility issues, unless, for some strange reason, you're still using 16-bit applications.

    Here's how to disable it:

    "The workaround requires users to start the group policy editor and enable the "Prevent access to 16-bit applications" option in the Computer Configuration\Administrative Templates\Windows Components\Application Compatibility section."
     
  2. *LTD* thread starter macrumors G4

    *LTD*

    Joined:
    Feb 5, 2009
    Location:
    Canada
    #2
    New un-patched IE flaw found a day after latest hotfix

    http://www.neowin.net/news/new-un-patched-ie-flaw-found-a-day-after-latest-hotfix#comments

    New un-patched IE flaw found a day after latest hotfix
    By Andrew Lyle

    Only a day after the recent out-of-band Internet Explorer vulnerability patch, a new un-patched Internet Explorer flaw could leave thousands of users at risk.

    The new attack uses smaller un-patched vulnerabilities in Internet Explorer, small enough they couldn’t compromise a system, but together they can overwhelm Internet Explorer and give access to a users machine if the individual clicks on a malicious link. Jorge Luis Alvarez Medina said to Reuters, "There are three or four ways to conduct this type of attack." Alvarez Medina is a security consultant with Boston-based Core who have been researching Internet Explorer weaknesses.

    The smaller exploits triggers four or five minor exploits at the same time, by three or four different methods to trigger the attack.

    Alvarez Medina said that the attack uses a string of four or five minor exploits in Internet Explorer. The vulnerability will be demonstrated at the yearly Black Hat Security conference, which will take place on February 2, 2010.

     
  3. *LTD* thread starter macrumors G4

    *LTD*

    Joined:
    Feb 5, 2009
    Location:
    Canada
    #4
  4. belvdr macrumors 603

    Joined:
    Aug 15, 2005
    #5
    So what? All software has bugs, and Apple patches their systems too.
     
  5. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #6
    Isn't it clear that to LTD Apple patches are just another example of how great a company Apple is, while Microsoft patches are just another example of their incompetence?
     
  6. *LTD* thread starter macrumors G4

    *LTD*

    Joined:
    Feb 5, 2009
    Location:
    Canada
    #7
    Whatever dissuades people from using IE, all the better.
     
  7. rdowns macrumors Penryn

    rdowns

    Joined:
    Jul 11, 2003
  8. Queso macrumors G4

    Joined:
    Mar 4, 2006
    #9
    LTD this constant Microsoft bashing is getting a little dull now. This isn't MacDailyNews. MR is where the grown ups play.
     
  9. MacDawg macrumors P6

    MacDawg

    Joined:
    Mar 20, 2004
    Location:
    "Between the Hedges"
    #10
    Why do you even care what other people are using?

    I don't care if people use Windows, IE, MS Office or whatever else they want to use
    Neither do I care if people on the Mac use Firefox over Safari

    Or if they order a Nexus One instead of an iPhone

    Why should I care?

    Woof, Woof - Dawg [​IMG]
     
  10. Consultant macrumors G5

    Consultant

    Joined:
    Jun 27, 2007
    #11
  11. Rodimus Prime macrumors G4

    Rodimus Prime

    Joined:
    Oct 9, 2006
    #12
    For the most part I do not care what other people use. The only selfish reason I like to see people use a browser other than IE is that it force web sites to consider the fact that they can not code for just one browser.

    I hate IE only site.
     
  12. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #13
    Sadly I must agree with LTD on this one. You should care that IE* is still in use because of the public and private infrastructure is based off it. Exploitation of a browser *can* affect you, or at least your personal information.
     
  13. roadbloc macrumors G3

    roadbloc

    Joined:
    Aug 24, 2009
    Location:
    UK
    #14
    Blah blah blah. Software has bugs. Yes, even Apple's software. Who could care less.
     
  14. Eidorian macrumors Penryn

    Eidorian

    Joined:
    Mar 23, 2005
    Location:
    Indianapolis
    #15
    I've noticed a lot of users expect to get patted on the back when they bash Microsoft. If you don't join in with the bashing suddenly you're some paid Microsoft shill that's astroturfing on MacRumors. Wait I own a Mac, how did it go from that to baseless accusations. :rolleyes:

    I still need to make a flowchart. :D

    Thankfully this sub-board is dead enough as it is.
     
  15. Peace macrumors Core

    Peace

    Joined:
    Apr 1, 2005
    Location:
    Space--The ONLY Frontier
    #16
    [rainbows and unicorns]

    ALL operating systems are bug free aren't they?. I mean why release an OS with a bug. Can't the coders do stuff right?.

    [/rainbows and unicorns]
     
  16. Queso macrumors G4

    Joined:
    Mar 4, 2006
    #17
    Just don't use Visio to do it . It'll only set them off ;)
     
  17. skunk macrumors G4

    skunk

    Joined:
    Jun 29, 2002
    Location:
    Republic of Ukistan
    #18
    I'm still collating.
     
  18. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #19
    It goes something like this.
     

    Attached Files:

  19. OllyW Moderator

    OllyW

    Staff Member

    Joined:
    Oct 11, 2005
    Location:
    The Black Country, England
    #20
    Brilliant! :D

    Saved for future use. ;)
     
  20. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #21
    LTD,

    Start a anti-google anti-microsoft blog.

    Seriously, bugs happen. I'm sure apple has fixed bugs that were in the OS since day one.

    We get that you don't like either company but you don't need to continually re-post every anti-google anti-microsoft article here.
     
  21. chown33 macrumors 604

    Joined:
    Aug 9, 2009
    #22
    Can I get that on Hollerith cards?
     
  22. mac2x macrumors 65816

    Joined:
    Sep 19, 2009
    #23
    Most useful post in this thread, right here. ;)
     
  23. localoid macrumors 68020

    localoid

    Joined:
    Feb 20, 2007
    Location:
    America's Third World
    #24
    Or, maybe not.

    April 20, 2007: Macaulay, a software engineer, was able to hack into a MacBook through a zero-day security hole in Apple's Safari browser. The computer was one of two offered as a prize in the "PWN to Own" hack-a-Mac contest at the CanSecWest conference here.

    And again in 2008.

    April 21, 2008: Miller won $10,000 and a new Macbook Air last month after hacking into the laptop in a matter of minutes. The PWN2OWN contest invited hackers to try to install unauthorized software on fully patched Mac OS X, Windows and Linux computers using previously undisclosed "zero-day" flaws.

    And again, in 2009.

    Charlie Miller has done it again. For the second consecutive year, the security researcher hacked into a fully patched MacBook computer by exploiting a security vulnerability in Apple’s Safari browser.

    “It took a couple of seconds. They clicked on the link and I took control of the machine,” Miller said moments after his accomplishment.
     
  24. *LTD* thread starter macrumors G4

    *LTD*

    Joined:
    Feb 5, 2009
    Location:
    Canada
    #25
    The first day was to hack the Mac remotely. Not one person could do it. Nobody. No remote access, no viruses, nothing. Nobody can hack Macs remotely. To win the hacker needed local access to the machine. For his hack to work, it required somebody manually navigating to a site with malicious content.

    For this hack to work in the real world, you would need to physically click a link to the malicious site somehow (in an email maybe, or a link via IM or whatever). Social Engineering. It relies on the ignorance of the computer user to do the hacker's job for him, because he can't do it himself.

    Can your Mac get hacked remotely? No.

    Will the hacker drive to your house and personally point your web browser to his site to infect your Mac? Not likely.

    Make of that what you will.

    Physical contact with the machine doesn't count. Now if this Windows bug required that, then at most, we can slag on MS for living up to their lousy reputation, but it's no cause to call the bug dangerous.

    If you want to bring that Snow Leopard bug into the mix - which got a ton of attention precisely because it was so uncharacteristic of Apple (and which was patched in due course) - that's an entirely different situation. To ever fall prey to that required the user to execute a specific set of actions, and even then the probability of data deletion was incredibly low. Even if you tried to deliberately activate the bug, chances are your data would still be there. The bug existed, but whether it deleted your data on your main account or simply broke your direct access to it was unclear. Nor did the bug affect everyone who had a Guest account in 10.5. Most were not able to in any way, shape or form reproduce the bug.

    Anyway, when a serious Apple bug surfaces it's a strange anomaly. The stars have to be aligned a certain way. When a serious Windows bug surfaces, it's business as usual.

    Reputation is everything.
     

Share This Page