WinXP Security Flaw
Many readers have submitted word of the newest security hole in Windows XP. joshjs, for instance, writes: "Don't know if this is common knowledge at this point or not, but apparently some security researchers discovered that Windows XP's universal plug and play features contain a huge security flaw: 'A Microsoft official acknowledged that the risk to consumers was unprecedented because the glitches allow hackers to seize control of all Windows XP operating system software without requiring a computer user to do anything except connect to the Internet. ... Microsoft made available on its Web site a free fix for both home and professional editions of Windows XP and forcefully urged consumers to install it immediately.' Read more at the Washington Post's story." No OS is perfectly secure, but I bet a lot of new XP owners won't be too happy about this. Update: 12/20 20:05 GMT by T : fcrick submits a link to the same AP story at Wired, and several readers have pointed out that a patch is available. Update: 12/20 21:31 GMT by T : And as banuaba writes: "This hole also affects versions of 98 with XP File sharing installed and all versions of ME."
Plug your XP box to the internet and pray for the hackers not to find it.
Pedro Côrte-Real.
Was this what they were suggesting they'd done to compromise XP?
"a powerful and unexpected ally..."
It's not really Microsoft's fault, if this guy would've stayed quiet then WinXP would still be secure today.
Does this security flaw make Microsoft with us
or against us?
Thanks in Advance,
Woot_spork
... until we face Code Red XP?
The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
Also a major threat in XP is its centralization of everybody's ID data via the obligatory Microsoft Passport, as detailed in this morning's USA TODAY...
The information from Microsoft regarding this can be found here, as well as a patch.
"This is the first network-based, remote compromise that I'm aware of for Windows desktop systems," said Scott Culp..
HAHAHAHAHAH.. Oh man what rock has he been under?
Where does microsoft get its programmers? Right out of the state penn?
Remember Tuesday's al Qaeda article? Discuss.
If WinXP users don't patch their machines, the terrorists win!
"Oh, you wanted a DOOR to hang that lock on.... Sure, I guess we could do that..."
Is there any MS Windows XP bug counter on the web? Something like:
I think it would be funny, we could also compare with Linux 2.4.x bugs. And maybe we can also have a Score thing, or something like /.
Any suggestion? Any website that already does this?
-=-=-=-=
I know life isn't fair, but why can't it ever be un-fair in MY favor!?
I looked both on Windows Update and poked around on microsoft's site, but I don't see any critical patch for XP at this time. Can anyone point it out for me?
I first heard about this from the drudgereport and was just about to submit about this.
As far as the security hole goes I've heard even worse things are possible since XP now allows "raw" socket access to non-administrators.
There's a good article by Grieder that explains all about this at www.grc.com .
"This is the first network-based, remote compromise that I'm aware of for Windows desktop systems," said Scott Culp, manager of Microsoft's security response center.
Obviously Scott doesn't read
"Good things don't end with eum, they end with mania or teria." - H. Simpson
Steve Gibson has been talking about this for months ==> http://grc.com/dos/sockettome.htm
Heh, watch the next "service pack" from Micro$oft to fix this quietly installs the Magic Lantern trojan.
;)
You don't think the Feds dropped the antitrust case for nothing, do you?
First there's the licensing stuff, which is obnoxious and Orwellian, then there was the TCP/IP vulnerability, and now THIS!?
So, basically, you pay more for an OS that's completely insecure and Microsoft gets to keep track of you. Linux, anyone?
Trolls make great pets. Adopt one today!
In the past, Microsoft has shrugged problems like this off extremely easily, great PR ya know. For some reason this one seems more severe to me. Will this one actually hurt MS on a larger scale? I'm doubting it, but I would like to see something rumble the giant. Wouldn't it be funny if the company's product ended up ruining the company? WHEEE =)
Can all fish swim?
It's amazing when something like the drudgereport beats /. to the punch on a story like this one.
I ate my sig.
the fact that XP's desktop looks like Playskool's My First PC(TM) (or Tyco) is a good enough reason for me, at least, not to install that garbage
"The ones who dont do anything are always the ones who try to pull you down" -- Henry Rollins
Since Christmas is one of the most popular times to buy a computer for the family, I am sure this will give new Compaq, Dell, Gateway, and HP buyers some pause find before Santa arrives. Is the gift you give your family going to end up being a hacker's plaything instead of theirs? Too bad you can't walk into a Best Buy or Circuit City and buy a Linux option -- though you can get a Mac powered by Mac OS X which has a few security issues.
Strange women lying in ponds distributing swords is no basis for a system of government.
Does anyone know if there is anyone developing
GNU software to detect Magic Lantern?
Thank you and have an Afghan opium induced day.
"This is the first network-based, remote compromise that I'm aware of for Windows desktop systems," said Scott Culp, manager of Microsoft's security response center."
This speaks for itself
Burn Hollywood Burn
"This is the first network-based, remote compromise that I'm aware of for Windows desktop systems," said Scott Culp, manager of Microsoft's security response center.
Apparently he never heard of the Windows File sharing exploits.
https://www.gnu.org/philosophy/free-sw.html
This seems to affect Windows 98 and ME, not just Windows XP!! The Universal Plug-and-Play system has to be running though. Get the patches for those 3 OS'es and read up on the details here.
In the meantime, in the unlikely event that anyone wants to install the patch, the location is here.
... an operating system that won't let its user do what they want, but lets hackers have free will?
growling,
bear
Perhaps you guys could mirror Bugtraq too? I'd really appreciate it. Thanx.
Is your company running tools written by ma
That should be "buyers some pause five days before Santa arrives". Typoed five days and spell checked it to find. Doh! :)
Strange women lying in ponds distributing swords is no basis for a system of government.
Wait one minute. Windows XP is supposed to be the most sophisticated and secure OS in the history of mankind! I know it, because MS said so! And since MS is so well known for their honesty and outstanding software engineering abilities, this story must be wrong. I mean, Bill just wouldn't let us down like this... he loves us!!!
Now if you'll excuse me, I have to run out to the store and buy some more Xbox games. My master deems it necessary.
It's so neat to see "Intel Inside" and "Windows" stickers on all these nice software boxes. With Microsoft's new dedication to security, I'm thinking it's time we print up some nice "RedCode Enabled" or "Nimda Friendly" stickers. Then all anyone needs to do is make a visit to the local computer outlet to upgrade the Windows OS boxes they have out on the shelves to buy.
When the big virus/worm/... that exploits this hole is announced, maybe we can print up stickers to apply to all those nice shiny new XP boxes.
Now they can be just like that other secure operating system.
"Windows XP - Four minutes without a remote hole in the default install."
Free music from Jack Merlot.
At least this is evidence that MS can't sneak in a backdoor on XP...Otherwise they'd just patch everyone and skip the media fallout.
Here's the MS bulletin with links to the download: http://www.microsoft.com/technet/security/bulletin/MS01-059.asp
FYI, for the latest patches, don't use windowsupdate.microsoft.com's automatic-upgrade detector...It takes a couple of weeks before patches make it into that system.
Now Windows XP offers strong security to home computer users through Internet Connection Firewall protection, which makes your information, computers, and family data safer from intruders as soon as you start using Windows XP.
I guess that helped a lot.
"I don't know half of you half as well as I should like, and I like less than half of you half as well as you deserve."
So, I'll just run the patch and move on with my life. No big deal.
It's not like I'm going to lose sleep over what *might* happen.
It's only a computer, for christ sake.
"Adequacy.org: Where congenital stupidity is not an option, but a requirement."
And now, this is a security hole. Man, nowaday, you can't know for sure if it's a bug or a feature anymore.
http://www.sans.org/topten.htm where Unix is king of security problems.
Well technically this is probably true. There have been compromises of IIS, MSSQL, and other Microsoft products but the OS itself hasn't been vulnerable to such attacks until now.
Now granted, IIS comes with Windows so, is that really a separate component? Also, by the same logic, Linux has never been exploited either has it? I mean, does Linux run any network daemons on its own? No. So Linux, itself is bulletproof, it's just all those other things you put on top of it that can cause problems.
I just find it amusing how Microsoft keeps changing where they want to split their hairs when distinguishing between the OS and the applications. IE is part of the OS until it gets compromised and then suddenly it's a separate application.
This sig has been temporarily disconnected or is no longer in service
If the Washington post article is slow for you, Fox News has a writeup as well
Where is michael when you need him?
"This is the first network-based, remote compromise that I'm aware of for Windows desktop systems," said Scott Culp, manager of Microsoft's security response center. "Every Windows XP user needs to immediately take action." He called it a "very serious vulnerability."
Emphasis mine.
I would not mind a decent explanation of what Universal Plug and Play is, what it takes to shut it off, and what it would affect.
Open Source Identity Management: FreeIPA.org
Maiffret and his researchers demonstrated the flaws for The Associated Press by hacking into a reporter's laptop running Windows XP from 2,300 miles away and successfully instructing the computer to connect automatically several times to the Web site for the National Security Agency, the government's super-secret spy agency.
Omigawd! They used it to connect to the super-secret spy agency's website! Ahhhhh!
I mean, couldn't they come up with a demonstration that wasn't so transparently panic-mongering. Either connect to an ordinary website, if that's what you want to demonstrate, or pretend to hack into something or DOS something or whatever, but connecting to the *public* website of the NSA is just dumb showmanship.
Cameron would be my last choice. Drew would probably be the most fun, and Lucy would be cool too, because Asian chicks are wild in the sack,
but skinny girls like Cameron tend to not be so great. I think she would be too needy and high-maintenance.
When I did a default install of Linux a couple of years ago, it automatically installed BIND, which, BTW, is the mother of all security concerns. But, I can understand ripping M$ a new one, it's the slashdot way right?
Objective Journalism my ass.
Yes, my girlfriend is a BitchX
tally of said security issues as they pop up and then document how long it takes Microsoft to fix them-- before and after the bug is publicly exposed.
I would be interested to see captured on a yearly basis the bug count of Microsoft products versus some open source products including how long each bug took to get fixed and the severity of each bug.
Microsoft is good at spreading FUD-- but facts are hard to beat and gobbled up by the media.. I'd be willing to volunteer my time to anybody with a server and some bandwidth for a project like this: just tell me what you need me to do.
Do not spread "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0" over the internet, thank you.
Who would have even thought it was possible. After all Windows has been so secure in the past. I may have to look into something else.....snicker...
I don't know, sounds like a lot of work. I'll wait for Windows XQ, where having the damned thing on is all a computer user is required to do to get 7DM1N15TR7TOR'ED (read r00t'ed)
God, what a joke. Who cares how secure your OS is if your web browser will run arbitrary executables on opening a hyperlink to something labelled a text file but whose file format says otherwise and which label (brilliant!) gets automatically passed on to the OS for interpretation (in the case of executables, execution).
That was the headline in my version of the story (rejected). I thought it had a bit of pizzazz. Oh well.
What's with them burying this info in the TechNet section anyhow? "Security by Obscurity" does not work! Now that it's on AP and the lead story on Boston.com they have to own up to it.
www.lucernesys.com Horizon: Calendar-based personal finance
Does Microsoft actually do code reviews of their own code?
Does anyone in their QA department have any knowledge of security?
Sure accidents happen, but you would think any networking code intended to be used on a public network would be thoroughly examined for any weaknesses/exploits.
They need to learn from their mistakes...
What the article doesn't mention is that Windows 98 with XP sharing is also affected, and that any version of Windows ME is affected as well.
If you are running Windows 98 or ME, you should immediately go to Microsoft's website and download the patch for your system.
A more technical description can be found here.
Windows 2000 is not affected.
Simpli - Your source for San Jose dedicated servers and colocation!
Win XP has a security problem which opens you up to attack the moment you connect to the net...
You need to connect to the net so you can get the patch from MS website....hmmmmmm...catch 22
So to safely get the patch from MS you have to find a non XP computer with a zip disk or a cd burner.....
good thing there are 0.25 % of the desktops out there running linux, so XP users can grab the patch they need off a secure netenabled desktop....assuming MS lets no-IE browsers connect to the MS site to grab the patch.
-jef
Kinda dilbertian dilemma,
if you connect to the internet to download the patch you are vulnerable to attacks.
"Enough of this wretched, whining monkey life." -- Marcus Aurelius, _Meditations_, Book 9, 37
Stupid job ads, weird spam, occasional insight at
Microsoft standard "Take Me, I'm Yours" default settings strike again.
/. If the government wants us to respect the law, it should set a better example.
"Over four hours without a remote hole in the default install!"
"This is the first network-based, remote compromise that I'm aware of for Windows desktop systems," said Scott Culp, manager of Microsoft's security response center.
Because Code Red and Nimda were... well, umm... local I guess?
You don't own Linux either. It is licensed to you under the GNU General Public License.
Linux is owned by Linus Torvalds and others.
Conformity is the jailer of freedom and enemy of growth. -JFK
i appreciate that one of the options for installing the patch, as suggested on the patch web site, is to 'run this program from its current location'.
seems like the sort of thing you wouldn't want people to get used to doing.
go get it
"The Windows XP problems affect a little-used feature that eventually will allow consumers to control high-tech household appliances using their computers. Called "universal plug and play," the feature is activated by design in every copy of Windows XP and can be added manually to Microsoft's earlier Windows ME software, also used by millions of consumers worldwide."
I'm glad I didn't get around to plugging my toilet into my PC. Whew!
Trolls make great pets. Adopt one today!
Cameron
-- www.globaltics.net
Political discussion for a new world
This is certainly another very ugly bit of egg on the face for Redmond, but the article is misleading. For Win98 clients, the only way to be affected by this bug is if they had independently installed the ICS software from WinXP. In WinMe, it is present as an installable option, but is NOT installed by default.
Also, according to the M$ bulletin:
"Standard firewalling practices (specifically, blocking ports 1900 and 5000) could be used to protect corporate networks from Internet-based attacks."
Call me crazy, but any sysadmin interested in keeping his/her job doesn't blindly leave ports open on the firewall. Not that that would help out poor mom and pop who just bought a fancy new Dell because that nice boy Steve on the television told them it was cool, but what can you do? Anyone with any kind of "always on" connection would have to be an idiot to not engage some kind of firewall for their connection. The fact that M$ has a (limited) firewall functionality built into XP is at least a step in the right direction. I haven't played with it, so I don't know whether it installs by default, or requires any kind of real technical knowledge to setup (it's Windows, so my guess is no).
The fact that they can still have holes like these in any code that runs in a privileged level is simply unforgivable, though. I mean, isn't it simply a commonly accepted development practice to place safeguards (ie, using strnlen() as opposed to strlen() or something - it's been a while since I've done any network coding) in any and all buffers receiving any kind of data from any kind of socket connection?
"Oh my God! The dead have risen! And they're voting Republican!" - Bart Simpson
Oh the fun you could have with BackOrificeXP right now... User tries to get patch, Evil haX0r-d00d shoots out a pop-up and mp3: a little Strauss music and a MsgBox reading, "I don't think I can let you do that, Dave."
woof.
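Added example, not part of any comment in this thread and not Microsoft's code: the bounds-checking practice raised in the comment above about strnlen() versus strlen(), applied to one header of a UPnP NOTIFY message. The bulletin quoted on this page does not say which field was unchecked; the LOCATION header, the 128-byte buffer, the function names and both sample messages are assumptions constructed for illustration, and memchr() with an explicit datagram length stands in for strnlen().

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define VALUE_MAX 128 /* fixed destination size (assumed for this example) */

enum { HDR_OK = 0, HDR_MISSING = -1, HDR_TOO_LONG = -2 };

/* Constructed sample: a well-formed NOTIFY advertisement. */
static const char SAMPLE_OK[] =
    "NOTIFY * HTTP/1.1\r\n"
    "HOST: 239.255.255.250:1900\r\n"
    "NT: upnp:rootdevice\r\n"
    "NTS: ssdp:alive\r\n"
    "LOCATION: http://192.0.2.10:5000/desc.xml\r\n"
    "\r\n";

/* Case-insensitive comparison of the first n bytes of a and b. */
static int ieq(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* The defect pattern: the sender decides how many bytes land in dst.
 * Shown for contrast only; nothing in this example calls it. */
void copy_value_unchecked(char *dst, const char *value)
{
    strcpy(dst, value);
}

/* Hardened form: the datagram is treated as msg_len raw bytes (it need not
 * be NUL-terminated), every scan is limited to that length, and the value
 * is copied only if it fits in out, terminator included. */
int get_header(const char *msg, size_t msg_len, const char *name,
               char *out, size_t out_size)
{
    size_t name_len = strlen(name);
    const char *p = msg, *end = msg + msg_len;

    if (out_size == 0)
        return HDR_TOO_LONG;
    out[0] = '\0';

    while (p < end) {
        const char *nl = memchr(p, '\n', (size_t)(end - p));
        const char *line_end = nl ? nl : end;
        const char *next = nl ? nl + 1 : end;
        if (line_end > p && line_end[-1] == '\r')
            line_end--;

        size_t line_len = (size_t)(line_end - p);
        if (line_len > name_len && p[name_len] == ':' && ieq(p, name, name_len)) {
            const char *v = p + name_len + 1;
            while (v < line_end && (*v == ' ' || *v == '\t'))
                v++;
            size_t v_len = (size_t)(line_end - v);
            if (v_len >= out_size)
                return HDR_TOO_LONG; /* reject; never truncate silently */
            memcpy(out, v, v_len);
            out[v_len] = '\0';
            return HDR_OK;
        }
        p = next;
    }
    return HDR_MISSING;
}

/* Builds a constructed NOTIFY whose LOCATION value is value_len filler
 * bytes, for exercising the length check. Returns the message length,
 * or 0 if it does not fit in buf. */
size_t build_long_notify(char *buf, size_t buf_size, size_t value_len)
{
    static const char head[] = "NOTIFY * HTTP/1.1\r\nLOCATION: ";
    static const char tail[] = "\r\n\r\n";
    size_t hl = sizeof head - 1, tl = sizeof tail - 1;

    if (value_len > buf_size || hl + tl > buf_size - value_len)
        return 0;
    memcpy(buf, head, hl);
    memset(buf + hl, 'A', value_len);
    memcpy(buf + hl + value_len, tail, tl);
    return hl + value_len + tl;
}

int main(void)
{
    char out[VALUE_MAX], big[1024];

    int rc = get_header(SAMPLE_OK, sizeof SAMPLE_OK - 1, "location", out, sizeof out);
    printf("well-formed: rc=%d value=%s\n", rc, out);

    size_t n = build_long_notify(big, sizeof big, 600);
    rc = get_header(big, n, "LOCATION", out, sizeof out);
    printf("oversized:   rc=%d (datagram dropped)\n", rc);
    return 0;
}
```

A caller that receives HDR_TOO_LONG should drop the whole datagram rather than retry with a larger buffer chosen from the sender's data.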
[1] As opposed to that Win95 "fix" they called Win98 that you had to pay for.
How do you forcefully urge people?
Shows what you know, dumbass! I actually fucked
Cameron Diaz 6 years ago, after she got drunk at McSorley's in Greenwich Village. Best lay I ever
had! Stop talking about things you don't know what you're talking about!!
Drizzle allows Microsoft to automatically download a fix to the user's machine and forcefully ask them to install it? WTF?
If Microsoft can force an automatic download, what's to stop anyone else?
How long til someone finds this "feature" and REALLY gives it to XP users?
Along similar lines of "Writing Solid Code".
Wait for it, wait for it...
"Writing Secure Code"
Haven't you seen the commercials? A huge multi-media advertising blitz to tell us all that _Everything_ is easier in XP.
-JDF
By following the link on the MS Security Bulletin I received in my e-mail, and going through the update process, it took a whopping 5 minutes including the reboot.
:P
Now all that's required is that somebody take the total number of XP users, multiply it by 5 minutes, and then multiply it by some made-up figure for what the average IT worker makes per minute, and then the zealots will have some fuel for their fire. "Look, this latest bug cost the country a billion dollars!". While in actuality it didn't cost the country anything, and only cost each corporation a percentage of their annual revenue, small enough to be measured in millionths of a percentage point.
Gee, I think I just wasted more time posting this comment than it took to install the update
Mr. Steve "the sky is falling" Gibson is a 100% certified quack, and you are a 100% certified crack baby if you actually believe his drivel.
So why bother even trying to secure one? But hey, look at the pretty graphics.
That's right. This article is nothing more than garbage. OK. There is a security flaw. Microsoft has made a fix for it and is urging people to install it. But where is the freakin' link?! Why write an article about a security flaw, tell people there's a fix and not bother to tell them where to get it? And where are the details? It says the bug is with Universal Plug and Play. Great. So what is the bug? Too vague, too vague, too vague.
Title: Unchecked Buffer in Universal Plug and Play can Lead to System Compromise
Date: 20 December 2001
Software: Windows 98, Windows 98SE, Windows ME, Windows XP
Impact: Run code of attacker's choice
Max Risk: Critical
Bulletin: MS01-059
---
The hole is in more than XP as you can see.
---
The first vulnerability is a buffer overrun vulnerability.
Microsoft specifically said they reviewed all the code in Windows XP for buffer overruns. http://www.vnunet.com/News/1125281
Happy patchy Christmas to all of you XP users!
I just got a new box that came with WinXP Pro on it, and I need Windows to support my gaming addiction.
I know security has always been one of the biggest problems with Windows OS's, so is there some sort of online bulletin board where security problems/patches/workarounds are posted?
Where was the mention of Christ? Perhaps you may be reading a bit more into this than was being said. Perhaps you need to look at your own judgemental tendencies a bit?
about the same amount of time that MicroSoft said that installing XP would save?
Thanks to file sharing, I purchase more CDs
Thanks to the RIAA, I buy them used...
what!?
A security flaw in a Microsoft OS!?
Surely, you must be jesting.
And this is newsworthy?
ceci n'est pas une signature
XP is an immature OS. There are going to be tons of problems, just like any other new OS.
Why a company would switch to ANY OS that is less than 3 years old is beyond me.
The Kruger Dunning explains most post on
"No OS is perfectly secure, but I bet a lot of new XP owners won't be too happy about this."
No doubt many would be, if Microsoft would contact each and every registered user and explain it to them. As it is, most will never realize that the new computer they bought for Christmas is wide open for anyone to steal personal information, plant trojans, etc.
I think Microsoft should be required to mail a CD with the fix to every registered user of Windows XP, and explain in clear non-technical language what the security flaw is and why the patch is important. Hell, make 'em overnight it, too.
ZZZZZZZzzzzzzzzz....
Oh, hey, I must have dozed off... what a weird dream that was...heh...
most of the time Windows does what they want it to do, without hassles. The security risks and the threat of MS abusing their personal freedoms are remote problems that don't impinge on the daily experience of web browsing, word processing, emailing, gaming, playing CDs... Sure, once in awhile you get bit by a virus. And the cost is increasing. But there isn't an alternative that is as easy to use.
OK, argue with me, but I've been using Linux since before the birth of RedHat. Last month I spent a full day configuring my CD-ROM burner because of incomplete or wrong documentation. In windows it just works. Today I found a nifty software package, downloaded, unzipped, untarred, and it wouldn't run because of incompatible libraries. I try to update libraries and discover I'll break dependencies. Do I want to hassle with that? NO! Does Jane Doe want to hassle with that? Hell NO! Not when she can, using windows, double-click on Setup and let the install shield work -- which it does, most of the time.
We can gloat over how insecure windows is and how dumb the people who use it are, but that won't make more people use Linux. Many people want to ditch windows, but don't because they think, correctly, that Linux is too gear-headed. What will make them switch is if they see an alternative to windows that is at least as easy to use. The major distributors know this, and they have improved installation and the desktop environment fantastically in the past couple of years. But Linux needs an equivalent to windows' install shield so that application installation and removal is simple, transparent, and reliable.
It's the front end, stupid!
This is for those who are sympathetic to the MS responsible reporting policies:
The flaw, discovered five weeks ago threatened to undermine widespread adoption of Microsoft's latest windows software...
The company sold 25 million copies of Windows XP in the two weeks after it hit stores Oct. 25...
The company released a free fix Thursday.
So beyond consideration that MS delay releasing XP until this hole is fixed. The best thing to do is keep it secret (responsible reporting) until they get around to writing the patch sometime. In fact, the biggest threat here is that it will "undermine the adoption" of XP -- i.e. they might not sell as many copies if people know there is a huge hole in the OS. No mention of threat to users, etc.
For reference, look at the motorola exploit in the jargon file.
I wonder how many times this has to happen before people are convinced that making bugs available and publicly releasing exploit code is the only way that the big vendors will make security a top priority.
When in doubt, have a man come through a door with a gun in his hand.
Just last week, Microsoft's corporate security officer, Howard Schmidt, expressed frustration about continuing threats from overflows. "I'm still amazed that we allow these things to occur," he said at a conference of technology executives. Schmidt is expected soon to resign from Microsoft to work for President Bush's top computer security adviser.
...what is this...the Twilight Zone?
I want to be alone with the sandwich
you've been trolled.
thanks for playing.
we've got some lovely parting gifts for you.
have a great holiday.
good night everyone!
Comments: First, don't mod me up as "informative"; I didn't write any of that. If you're considering modding me up as informative, consider unchecking "willing to moderate" or at least read the moderator guidelines. Second, does MS put out products with such glaring, horrible security flaws *on purpose*? As far as I know, the UPNP feature is brand new, so it shouldn't be based on any existing code base, yet MS programmers are *still* using unsafe commands (presumably) and not doing bounds checking. This is a buffer overflow vulnerability in a new product, for fuck's sake.
-Legion
I am sure this will give new Compaq, Dell, Gateway, and HP buyers some pause
... well, they don't know enough to care. Who does that leave?
People who know this is just the latest symptom of Microsoft's general neglect for security won't be buying XP anyway. Those who believe Microsoft deserves their dominant position because they are the best will see that there is already a patch. Those who don't know enough to know why they should care
Nope, no sig
or were you using the child like Aqua OS? XP is by far the best MS O/S yet. It has a way to go but changing the look and feel takes about 1/5th the time it does to change it in Linux. I run both and prefer enlightenment but aren't most users morons anyway? So the "child-like" UI would be perfect for them.
> Here's a little gem from the MS XP site [microsoft.com] That's a typo. It's supposed to say "makes your information safer for intruders as soon as you start using Windows XP."
Sheesh, evil *and* a jerk. -- Jade
Here's more coverage...
ZDNet
Cnet
-Matt
Digitalmeca.com
**cough** code-red **cough**
m00.
Wow, now not only can the virus enter thru your Outlook/OE but a lameass can use your Outlook to run the virus... That sounds like a whole hell of a lot of xmas fun to me!
Magic 8-ball says:
'Outlook not so good'
I wish MS would just focus on making their OS stable instead of stealing other people's ideas and integrating them into their OS. When are they going to be held accountable for their shoddy workmanship?
...what makes this any different from any other version of Windows?
The best way to secure a Windows box is to take a pair of scissors to the ethernet cable.
- A.P.
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
While no OS is ever perfect, this is seriously not funny. I did some security work in the military and know that if someone wants to get you bad enough, eventually they will. With Linux, I'm careful what neighborhoods I go into, but confident that I've got some measure of security while walking about. I have XP as one of my OSs (as well as OS/2, Win95, NT 4.0 and Linux) on my work station. Now, with XP, I feel like a virgin that passed out at a frat party. I'm awake now, but with no idea what happened while I wasn't. ;) Oh well, I was looking at wiping that partition anyway.
You must be the change you wish to see in the world - Gandhi
For all you Linux-heads that haven't installed XP, the installer determines by asking you if you are connected directly to the Internet or if you are connected to a LAN --- if you're directly connected, YOUR CONNECTION IS AUTOMATICALLY FIREWALLED. Which means, that if MS did its math correctly, most people connecting to the Internet should already be protected, patch aside.
Now, what if you're on a LAN? You should already be behind a firewall. So theoretically the only people vulnerable are corporate users vulnerable from attacks INSIDE the company. That narrows it down, doesn't it?
Ooooh, it's a bug!! So what?!? I believe "security by obscurity" has proven to work this time. When did /. hear about this bug? Today. When was the patch released? Prolly before we heard about it. Nuff said.
But then, you know, Linux doesn't have bugs (eyeroll). Why is it that when Win* has bugs, it's headline news on /., but all the bugs in the 2.4 kernel go unnoticed? Oh yeah, heh, I forgot, this is Slashdot. Honestly, guys, grow up.
Like all the Linux boxen running pretty much any version of wu-ftpd and vulnerable versions of BIND (and there are A LOT) are safe. Hah. Why don't you look at the fact before you start posting flamebait......
Tie: 1st place goes to Drew Barrymore--youngest but most experienced (started fscking for coke at age 11)--and Cameron Diaz, the hottie whose nipples are always hard on camera. I saw Lucy Liu at Hooters the other day and noticed that she's wall-eyed. That really freaks me out.
Hmm, this comes out just a couple of days after the terrorists claimed to have placed backdoors and other security flaws into WinXP.
Likely they were just playing the odds, tho. Microsoft's history of security problems almost guaranteed that there would be some problems.
...safer from intruders as soon as you start using Windows XP
But is it faster and more fun? I'm still waiting for that promised Windows 95 feature to be implemented in ANY version of Windows.
--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
It appears that this patch doesn't work in Release Candidate 2 (which I happen to be running), so if you're using anything other than the final version of XP (2600), then don't bother getting it.
forma3
Looking at this I do have to wonder will UPnP (Universal Plug and Play) be the next IIS in terms of exploits, viruses and worms?
This issue is the second major *known* problem with UPnP in as many months, both involving buffer overflows of some kinds (MS01-059 & MS01-054).
Since UPnP runs as a service with a SYSTEM level authority, rooting it gives you god-like control over the system, so this falls under the heading of a bad thing. I seem to remember that it is installed by default (currently running w2k so I can't check if it is or not).
So what we have here is a service that seems to be exploitable, running a protocol similar to http, that is installed by default and will be a total pain to turn off, assuming of course that johnny average user even realises it is turned on!
Getting the average user convinced to download patches for this sort of thing is going to be a hard sell as there is no perceived benefit from downloading a file which corrects a fault in something you don't know is running, and even if you did you don't fully understand the purpose of.
IIS had similar problems, not to mention a raft of exploits (I imagine these UPnP exploits are just the tip of the iceberg) and look what that became - one of the more popular webservers - both to host sites and to write worms for...
Well, the full posting minus the PGP sig and un/subscribe information to get around the lameness filter.
-----
Title: Unchecked Buffer in Universal Plug and Play can Lead
to System Compromise
Date: 20 December 2001
Software: Windows 98, Windows 98SE, Windows ME, Windows XP
Impact: Run code of attacker's choice
Max Risk: Critical
Bulletin: MS01-059
Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS01-059.asp.
Issue:
The Universal Plug and Play (UPnP) service allows computers to
discover and use network-based devices. Windows ME and XP
include native UPnP services; Windows 98 and 98SE do not include a
native UPnP service, but one can be installed via the
Internet Connection Sharing client that ships with Windows XP. This
bulletin discusses two vulnerabilities affecting these
UPnP implementations. Although the vulnerabilities are unrelated,
both involve how UPnP-capable computers handle the
discovery of new devices on the network.
The first vulnerability is a buffer overrun vulnerability. There is
an unchecked buffer in one of the components that handle
NOTIFY directives - messages that advertise the availability of
UPnP-capable devices on the network. By sending a specially
malformed NOTIFY directive, it would be possible for an attacker to
cause code to run in the context of the UPnP service,
which runs with System privileges on Windows XP. (On Windows 98 and
Windows ME, all code executes as part of the operating
system). This would enable the attacker to gain complete control over
the system.
The second vulnerability results because the UPnP doesn't
sufficiently limit the steps to which the UPnP service will go to
obtain information on using a newly discovered device. Within the
NOTIFY directive that a new UPnP device sends is
information telling interested computers where to obtain its device
description, which lists the services the device offers
and instructions for using them. By design, the device description
may reside on a third-party server rather than on the
device itself. However, the UPnP implementations don't adequately
regulate how it performs this operation, and this gives
rise to two different denial of service scenarios.
In the first scenario, the attacker could send a NOTIFY directive to
a UPnP-capable computer, specifying that the device
description should be downloaded from a particular port on a
particular server. If the server was configured to simply echo
the download requests back to the UPnP service (e.g., by having the
echo service running on the port that the computer was
directed to), the computer could be made to enter an endless download
cycle that could consume some or all of the system's
availability. An attacker could craft and send this directive to a
victim's machine directly, by using the machine's IP
address. Or, he could send this same directive to a broadcast and
multicast domain and attack all affected machines within
earshot, consuming some or all of those systems' availability.
In the second scenario, an attacker could specify a third-party
server as the host for the device description in the NOTIFY
directive. If enough machines responded to the directive, it could
have the effect of flooding the third-party server with
bogus requests, in a distributed denial of service attack. As with
the first scenario, an attacker could either send the
directives to the victim directly, or to a broadcast or multicast
domain.
Mitigating Factors:
General:
- Standard firewalling practices (specifically, blocking ports
1900 and 5000) could be used to protect corporate networks
from Internet-based attacks.
Windows 98 and 98SE:
- There is no native UPnP support for these systems. Windows 98
and 98SE systems would only be affected if the Internet Connection
Sharing Client from Windows XP had been installed on the system.
- Windows 98 and 98SE machines that have installed the Internet
Connection Sharing client from a Windows XP system that has
already applied this patch are not vulnerable.
Windows ME:
- Windows ME provides native UPnP support, but it is neither
installed nor running by default. (However, some OEMs do
configure pre-built systems with the service installed and
running).
Windows XP:
- Internet Connection Firewall, which runs by default, would make it
significantly more difficult for an attacker to determine the IP
address of an affected machine. This could impede an attacker's
ability to attack a machine via unicast messages. However, attacks
via multicast or broadcast would still be possible.
Risk Rating:
Buffer Overrun:
- Internet servers: None
- Intranet servers: None
- Client systems: Critical for Windows XP, moderate for Windows 98,
Windows 98SE and Windows ME
Denial of service:
- Internet servers: None
- Intranet servers: None
- Client systems: Moderate
Aggregate risk:
- Internet servers: None
- Intranet servers: None
- Client systems: Critical for Windows XP, moderate for Windows 98,
Windows 98SE and Windows ME
Patch Availability:
- A patch is available to fix this vulnerability. Please read the
Security Bulletin at
http://www.microsoft.com/technet/security/bulletin/ms01-059.asp
for information on obtaining this patch.
Acknowledgment:
- eEye Digital Security (http://www.eeye.com)
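Added example, not part of the bulletin or of the comment above: a defensive validator for SSDP NOTIFY advertisements that bounds every header line before storing it and checks where the LOCATION header says the device description lives, which are the two areas the bulletin describes as insufficiently checked. The size limits, the private-network list, the small-service port table, the rule that LOCATION must point back at the sender, and all function names are assumptions of this sketch; the sample messages are constructed.

```python
import ipaddress
from urllib.parse import urlsplit

# Policy values below are assumptions for this example, not from the bulletin.
MAX_DATAGRAM = 2048      # drop anything larger before parsing
MAX_LINE = 512           # bound every header line before it is stored
SMALL_SERVICES = {7: "echo", 9: "discard", 13: "daytime", 19: "chargen"}
LOCAL_NETS = [ipaddress.ip_network(n)
              for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_notify(datagram):
    """Parse a raw SSDP datagram. Returns (headers, None) or (None, reason)."""
    if len(datagram) > MAX_DATAGRAM:
        return None, "datagram too large"
    try:
        text = datagram.decode("ascii")
    except UnicodeDecodeError:
        return None, "non-ASCII bytes in headers"
    lines = text.split("\r\n")
    if lines[0] != "NOTIFY * HTTP/1.1":
        return None, "not a NOTIFY request"
    headers = {}
    for line in lines[1:]:
        if not line:                      # blank line ends the header block
            break
        if len(line) > MAX_LINE:          # length check comes before any use
            return None, "header line too long"
        name, sep, value = line.partition(":")
        if not sep or not name.strip():
            return None, "malformed header line"
        headers[name.strip().upper()] = value.strip()
    return headers, None


def check_location(location, sender_ip):
    """Decide whether the advertised description URL is safe to fetch."""
    try:
        url = urlsplit(location)
        port = url.port or 80             # .port raises ValueError if invalid
    except ValueError:
        return ["LOCATION is not a valid URL"]
    if url.scheme != "http" or not url.hostname:
        return ["LOCATION is not an http URL"]
    findings = []
    if port in SMALL_SERVICES:            # the echo-service loop scenario
        findings.append("LOCATION targets %s port" % SMALL_SERVICES[port])
    if url.hostname != sender_ip:         # the third-party flood scenario
        findings.append("LOCATION host differs from sender")
    return findings


def check_notify(datagram, sender_ip):
    """Return a list of findings; an empty list means nothing was flagged."""
    headers, reason = parse_notify(datagram)
    if reason:
        return [reason]
    findings = []
    if not any(ipaddress.ip_address(sender_ip) in net for net in LOCAL_NETS):
        findings.append("sender outside local networks")
    location = headers.get("LOCATION")
    if location:
        findings += check_location(location, sender_ip)
    elif headers.get("NTS") == "ssdp:alive":
        findings.append("ssdp:alive without LOCATION")
    return findings


def build_notify(location):
    """Constructed sample advertisement (not captured traffic)."""
    return ("NOTIFY * HTTP/1.1\r\n"
            "HOST: 239.255.255.250:1900\r\n"
            "CACHE-CONTROL: max-age=1800\r\n"
            "LOCATION: %s\r\n"
            "NT: upnp:rootdevice\r\n"
            "NTS: ssdp:alive\r\n"
            "USN: uuid:constructed-0001::upnp:rootdevice\r\n\r\n"
            % location).encode("ascii")


if __name__ == "__main__":
    cases = [
        ("http://192.168.1.20:5431/desc.xml", "192.168.1.20"),
        ("http://192.168.1.20:7/", "192.168.1.20"),
        ("http://198.51.100.7/desc.xml", "192.168.1.20"),
        ("http://192.168.1.20/" + "A" * 600, "192.168.1.20"),
        ("http://203.0.113.9/desc.xml", "203.0.113.9"),
    ]
    for location, sender in cases:
        print(sender, location[:40], check_notify(build_notify(location), sender))
```

The same-host rule is stricter than UPnP itself, which by design lets a description live on another server; a deployment that needs that would replace the rule with an allow-list.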
Who said I was a Christian?
However, if you want to talk about the teachings of Christ, "Do not judge, lest ye be judged."
Keep the posts on topic and not on the sigs please. (So I'm a hypocrite, and a sinner. : )
</offtopic>
"It takes many nails to build a crib, but one screw to fill it."
"Linux" as a trademark is owned by Linus. Not the software.
The GNU affects you only if you wish to redistribute GNU copyrighted software. It is not an EULA, and no one is "licensed" to use or install GNU Software. Anyone can install/configure/run/modify it however they want.
When in doubt, have a man come through a door with a gun in his hand.
Don't forget the "errata" section for updated info that came up after printing:
Do not hire programmers that wear kaftans, turbans, long tangled beards, do not bathe, ride donkeys to the interview, speak with a thick Afghan ruling class accent, and repeat slogans like, "Death to capitalist war-mongers that allow their women to read!" or "Cover your face, you Hell-bound Satan's whore!"
--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
There have been a number of remote exploits in Win9x filesharing, first of all. I don't know of anything affecting an "out of the box" installation, but if you had a Win95 box that had any writeable shares, even password protected ones, even deeply nested in the filesystem ones, your computer could have been remotely compromised.
Secondly, does anyone remember a little thing called Outlook Express? Sure, most of the popular worms exploited the unpatchable "Stupid User" bug, but there have been at least two that left your computer remotely compromisable from just the Preview pane of the email (thanks to HTML buffer overflows) and one that would let your computer be compromised as email was downloaded (thanks to email header buffer overflows). Of course, the preview pane bugs were really Microsoft HTML component bugs, so could be triggered by Internet Explorer hitting a malicious page even if you didn't use Outlook.
And if there's one thing that Microsoft has taught us, it's that Internet Explorer is an essential part of the Windows(TM) Operating System eXPerience.
While this is quite a bad hole, at least WinXP comes with that automatic-update thingy right out of the box. It should download and install the patch automatically, if there is an internet connection present.
... At least I think. I know my winxp box is set to notify me before applying patches... and it's already downloaded a few.... I guess I'll have to wait until I get home to see if it got this one automatically? Anyone know? Hopefully it will, otherwise there are going to be a lot of r00t3d windows machines out there.... which means a lot of ammunition for the DoS assholes.
Mike Feldkamp
Programmer, All Media Guide
Check out Microsoft's "whois" entry. Lame, but kind of funny.
the GPL is MORE permissive than first sale doctrine. So if you DID own a copy of linux, instead of licensing it, your rights would be reduced.
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
Part of the problem with windows is that many of the users, particularly the typical consumer-types, are too lazy to download the patch, are unaware of the danger, or just plain haven't heard of the security holes, so they never patch. ;)
A possible solution? The infamous EverQuest (otherwise known as EverCrack) forces users to, on connection, scan for new patch files, and *requires* them to patch before play. Perhaps if Microsoft implemented something like this, it would at least solve the problem of known security holes in home users.
Of course, that only solves the known and patched ones, if you want to get all the unknown ones you need a miracle
The vulnerabilities were discovered by three young security researchers with eEye Digital Security of Aliso Viejo, California, led by Marc Maiffret, a 21-year-old former hacker. In recent months, Maiffret, who calls himself the firm's "chief hacking officer," has advised the FBI and the White House on Internet security questions and testified before Congress.
How'd you like to have that on your business card?
2600
coincidence or not?
While no OS is ever perfect, this is seriously not funny -- Marcus
Actually, you're wrong: It's quite funny.
I have found that I learn the most when I say something stupid. What a dilemma.
Just because you're from the UK doesn't mean you've even ever had sex you incestuous slash-troll.
"Linux" the trademark is owned by Linus
"Linux" the copyright is owned by Linus and others.
The GPL is a EULA which assigns you specific rights regarding distribution & modification. It is no different legally than a Microsoft, Oracle or IBM license. Its contents are obviously different.
A copy of the GNU General Public License is available here. Please read it.
http://www.gnu.org/licenses/gpl.txt
Conformity is the jailer of freedom and enemy of growth. -JFK
the glitches allow hackers to seize control of all Windows XP operating system software without requiring a computer user to do anything except connect to the Internet
:)
Oh, I get it now...
the glitch was only supposed to let Microsoft seize control of all Windows XP operating system software without requiring a computer user to do anything except connect to the Internet
I Heart Sorting Networks
Microsoft said a new feature of Windows XP, known as "drizzle," can automatically download the free fix, which takes several minutes to download, and prompt consumers to install it.
I bet a dollar that "drizzle" will be the next big virus backdoor...
Microsoft also is working with other software companies, such as leading antivirus and firewall vendors, to build protection into their products.
...implying, perhaps, that there hasn't been any protection up until this point? :-)
I'm a bloodsucking fiend! Look at my outfit!
Heh - She's on this breast cancer poster around the office here. Funniest thing ever has got to be a flat-chested, cross-eyed Lucy with that sorta-crooked smile trying to get me to wear jeans and a pink ribbon for breast cancer awareness! Ha! I'm not gay...
If antitrust laws fail, why not use anti-terrorism exception rules to forbid buggy software?
I wish^H^H^H^H COULD have a Beowulf cluster of those.
Comments: First, don't mod me up as "informative"; I didn't write any of that.
;)
Er, why not? It's not moderating you, it's moderating the comment. If someone found the content of the comment interesting, they should moderate it up, so that people who browse at +3 or whatever can read it.
If you don't want the karma because you didn't write the content and don't feel you deserve it, post as an AC. But the comment itself is Informative and deserves to be modded up.
"Informative" is certainly a more valid moderation than "Insightful", which is what someone's been forced to moderate the comment as because of your instructions.
Amazon has it listed as "Wriring Secure Code (With CD-ROM)"
Wriring... hm...
Reminds me of that Dilbert cartoon where the MSFT lackey has to leverage Microsoft's market dominance to make a typo in the Word dictionary a new industry-standard word, plus, kill himself in their Comdex booth as an example to others...
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
They should just release a perfect OS every time like Linux.
don't install XP...EVER!
Seriously, when your copy of XP gets permission from you to install the patch, I wonder what else is going on? I bet stuff like this will keep happening every few months and people will keep installing these automatic drizzle downloads, and the whole time Microsoft is just raking in loads of personal information from your documents in... well... "My Documents."
~ now you know
Why do they have to advertize "free" fix, like they are doing me a favor by not having me pay for it?
>The best way to secure a Windows box is to take a pair of scissors to the ethernet cable.
Actually, the technique for securing a windows box is much more complicated than snipping a few cables; it involves a chainsaw and a small amount of plastic explosive.
We ran into this several months ago when we were testing some server software that we wrote. We were using port 5000 as a default. As soon as XP came out, we tested the software on it and found that we could not bind a server to port 5000 at all because it was taken. So naturally, we wondered, what in XP is listening on port 5000?
Turns out that Microsoft picked the same port for its Plug and Play architecture, which listens on it for a connection coming (presumably) through the local TCP/IP stack. The protocol is XML (maybe SOAP, can't remember). You can receive and send configuration information by using that port (the schema is somewhere on microsoft.com) and it occurred to me even then that this looked like a potential security hole. But, I thought, this is too blatantly obvious and surely Microsoft is not so stupid as to allow access to the PnP internals from nonlocal IPs. Right? So we simply moved our software's default port setting to another port and forgot about it.
Predictions:
The scandal will flow off MS in a day or two, like water off a duck's back.
The downloadable security patch will be bundled with the latest updates to Microsoft's digital rights management crap.
Every script kiddie will have a tool within the week that scans IP ranges on port 5000 in search of the machines that have remained unpatched.
The guy who publicized the flaw will be tried in a secret military tribunal as a cyberterrorist.
I know this and you know this, but apparently the guy who snipped my post doesn't. The real issue is how bad does a company's software have to be before consumers stop buying it?
Since the article is virtually useless as far as explaining what the security problem really is, here is the complete explanation from eEye
http://www.eeye.com/html/Research/Advisories/AD20011220.html
Most people would die sooner than think; in fact, they do.
What if a company was hacked during the last few weeks prior to full disclosure through this hole and suffered financial injury due to the intrusion? Is Microsoft perhaps negligent and legally liable for those injuries since it did not disclose the hole for five weeks after it knew of its existence?
Steve Gibson is a gibbering idiot.
from grc.com : "... my post-attack forensic analysis, and the results of my subsequent infiltration into the networks and technologies being used by some of the Internet's most active hackers."
Pffff, who is this guy, Ethan Hunt?
SG: WOW, I've just been hax0red by some L33t d00d. Fortunately, my superior security knowledge enables me to find him, and address his irresponsible behaviour.
script kiddie: I d00 th15 ju5t f0r kix! U can't st0p m33!
SG: [pats the boy on the shoulder to comfort him for the obvious lack of parental guidance] Ok, I'm not a bad guy, see, I wrote hackers are cool once.
sk: You're right! Hey why don't you unleash your mad programming skills and write something to protect us all from further havoc caused by people like me?
SG: I just might do that
Be wary of any facts that confirm your opinion.
I believe this was reported first on bugtraq at the start of November. here's links with basic DOS exploit code.
synopsis: http://msgs.securepoint.com/cgi-bin/get/bugtraq0111/10.html
also here with .DOC attachment: http://security-archive.merton.ox.ac.uk/bugtraq-200111/0016.html
In the article they say "The Windows XP problems affect a little-used feature that eventually will allow consumers to control high-tech household appliances using their computers. Called "universal plug and play," the feature is activated by design in every copy of Windows XP and can be added manually to Microsoft's earlier Windows ME software, also used by millions of consumers worldwide."
That is not true. On my clean install of WindowsXP Home the "Universal Plug and Play" option is not installed. They really need to check those facts first.
Silly Rabbit...Sig's are for kids.
At risk of losing all my karma, but here goes.... if you enable XP's built in firewall on a network interface, you'll discover that you can no longer connect to the universal plug and play service on that interface. So yes, it helps a lot actually!
Lead developer, http://wisptools.net
What an idiot! He thought that R14 tires were the right size for his dakota! I mean, we shouldn't let these idiots drive.
And speaking of idiots, did you hear about the guy who put 5w30 in his 95 Berretta? *Sigh*
I mean, because people don't know anything about a simple, basic piece of technology they use every day, we have poorly designed cars that are best sellers, which ends up going to the junkyard years early because of poor, if any care.
(I feel sorry for people reading this as a thread, instead of nested. This will make no sense then...)
They just said it had a firewall, they never said what side of the wall you were standing on (apparently the WRONG side)...
The GPL is a EULA..
EULA = "End User License Agreement". They are a way of taking away users' first sale rights. The GPL does not try to foist any license agreement on end users. In fact it states
5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works.
So you are confusing a license to redistribute something (which is required for all copyrighted works) with a license to use a copyrighted work. Microsoft has the latter in the form of EULA. Linux doesn't. Microsoft has the former in the form of often secret agreements with OEMs. Linux has the former with the publicly available GPL. Apples and oranges.
When in doubt, have a man come through a door with a gun in his hand.
I SAW IT , na na na na....
....Guess what the MS guys already Knew about this one , although details were a little fuzzy, Was this a BUG, or a planned backdoor they just got caught on ?
I went to an OEM system builder conference to get my free copy of XP Pro, (I got 2) And promptly traded them for a really cool digital slot Machine/ Pachinko, but nonetheless, we were playing with it at the conference and I asked one of the tech about security risk associated with their Mini Terminal server that is built into XP to allow someone to "Guide" you through something or "FIX" whatever ails your XP machine remotely, nice feature as us *nix folks have been doing for years, we started discussing alternative ways of enabling the RC features and Guess what
I saw the same thing with IBM before, they had a product that was an login access restriction device , kept only keyed users from logging in, powering up or down, or bypassing via CRT port, and a couple of other function a Janitor from IBM cleaning up the booth at COMDEX late showed us how to bypass it in 0 time, unreal...Point is even though it was new to the public the Guys at IBM had it around for a while and even the Janitor knew a way around it , the top guys at IBM knew it too, soooo some pictures (at the IBM booth and our friendly Janitor) and guess what IBM pulled the product line, good for us because we were selling a competing product to the FBI, CIA, Universities and Airlines...:)
could this be the same scenario, it's been there and known all along ?
Sig went tro...aahemmm.....fishing........
If it takes an IT person 10 minutes to download/fix (optimistic) then:
7,000,000 X 10 = 70,000,000
70,000,000 min / 60 min/hour = 1,166,666 hours
1,166,666 hours X $15/hour = $17,499,999
Ok, I'll be nice and round down to $15 million.
Someone send Mr. Bill Gates an invoice!
Well, even though this was publicized and by now most of everybody knows about this hole, there's no obvious link to any automated exploit (like you see on securityfocus), and most information given is so unspecific you couldn't make too much with it...
Now, compare this to a situation where an Apache (for example) bug comes out - it'll take a few seconds until an exploit is made available and publicly advertised...
Now, I am asking myself, does "security through obscurity" work after all? One would expect a rush of script kiddies against vulnerable machines....
Here at Microsoft we pride ourselves in our attention to detail. Remember - we add more features before 9am than anyone else.
You can be sure with a Microsoft product that the user experience when our software blows up will be incomparable to any other software. In fact, we'll ensure that all our bugs have pleasing error messages.
Microsoft - the Privacy goes out before the Security goes in.
-
--- Will in Seattle - What are you doing to fight the War?
Flamebait 5? No way! Are you totally clueless to Microsoft's long history of security through obscurity and their fight against web sites that publish system security holes? Obviously so.
Sheesh.
--
Spaz!
Imagine this scenario:
:-)
1. your off-the-cd version of windows XP is vulnerable.
2. You connect to the internet to download all of the security patches.
3. WAMMO! you get struck by this code red XP exploit.
4. It gets installed before you have had a chance to install the patch.
5. It recognises the security update patch and silently/secretly ignores it.
6. Your system is still rooted, you believe you have patched your system, you don't realise until you run your favourite virus checker, Code Red XP notices and nukes your system.
7. You blame your virus software for destroying your computer and reinstall windows XP off the CD...
8. goto 1
Believable scare-mongering?
Security through obscurity is no security at all...
There's 10 types of people in this world, those who understand binary and those who don't.
Who would have thought. A security flaw in Windows XP. Related to UPNP. What will they think of next.
well.. there may not be a perfect operating system.. but if u need an operating system with perfect security and a beautiful track record.. try openBSD
No, the difference is that in Linux (for example), you must be a privileged user (root) to do raw sockets. In XP, last I heard, any user could do it.
The problem is in XP, the default user has Administrator access. Restricted users cannot use raw sockets, but restricted users are effectively useless in XP on home computers.
How are *users* supposed to know about this?
I mean, it's OK for you and me, we read techie web sites like slashdot, and I'm subscribed to bugtraq. But 99.9% of the public out there aren't.
So, somewhere informative should be yelling and screaming about a problem like this that affects pretty much everyone with WinME or XP.
So, I check MS's website.
Top article with the biggest link? No. That goes to 'Give the gift of Internet for Christmas', an advert for MSN.
Ah, there's a Windows section just beneath - surely it'll be there? Nope. "Music, movies and more".
Maybe it counts as 'News'? "Test Results In - Windows XP more reliable" (at least if its getting your computer rooted you're after).
Downloads perhaps? An item at least for a security fix - the Internet Explorer one discussed last week, but no mention of any XP patches. Not even if I click "More downloads".
Maybe if you click on the 'Windows' section? No mention. But that's for the Windows XP Home edition. Maybe the Pros think it's more useful? No. "Turn your computer into an entertainment center" - very professional.
Aha - finally found it; chose a link from the Windows XP Home page to the Windows XP home page (note capitalisation difference) and there's a small link there "Important! Security patch for Windows XP and Windows ME users" on a page that apparently has the main intention of allowing people to choose whether they want the home edition or the professional edition sites, neither of which has the link.
Oh, and as an aside, is it just me, but I'm using Internet Explorer 5 with default font size settings, on Win NT 4 with default font size settings, and some of the text on the security bulletin is only about 6 pixels tall and is utterly unreadable because of this?
OK, there is info at the website but there is no exploit code given and there is not enough information to produce a script for the kiddies and it will be very difficult to reproduce this attack without more info.
Imagine if this was full disclosure. What if they simply posted a little .exe that anyone can run that will immediately "root" any XP or specially configured (98/ME) box. Would that be "better?" HOW would that help in any way? This is an example of how cool the guys at EEYE are. They did the right thing by a) waiting for the patch to be released and b) not publishing damaging exploit code.
The key to remember everyone, it's a vulnerability for which there is not an exploit available and it's patched already. So, if, in 2 months from now there is CodeOrange Part 23 out there and it uses this vulnerability - let's all remember that the patch was released before there was ever a threat.
I seriously doubt anyone at /. will mod this up as anything but a troll because I didn't join the bandwagon to slam MS (I'm not defending them, per se, but everyone did do the right thing - fixed the problem before it was one) but I hope someone reads it and thinks for a second back to holes in other OSes and how they were handled (and/or abused) before getting so high and mighty.
I guess so far, nobody is probing for it. at least dshield.org doesn't list it on its top 10 list.
just a warning, it's a porn site.
According to the article they found this 4 weeks ago and yet there are a bunch of idiots and their "Thank You notes" to Microsoft for their prompt effort in their news groups. I get sick every time I have to go there due to work...
thanks for the 411 i was wondering about that.
just so everyone knows, the built in firewall in XP is very simple. it's a checkbox that essentially says "enable firewall stuff", and then another dialog is enabled that lets you say what ports are open.
This is very good thing as I doubt very few users are interested in having ports open to the wild.
-Jon
this is my sig.
Considering the number of Windows users that actually bother with updating their system, I have a feeling that Microsoft Tech Support is going to be getting quite a large number of calls.
Taco, you might want to tell the guys at ThinkGeek to send over a case or two of their Demotivator calendars to the Microsoft Quality Assurance people; maybe you can get them to quit and go find jobs more their speed, like selling their collective ass for cheap booze or working for a sewage taste-testing company or something.
I really don't think this is the Microsoft coders' fault either; this is likely one of those features that management insisted upon...I'd almost place a bet that there is some engineer at Microsoft laughing manically and chanting, "I told you so..." from the inside of his cell^Wcubicle.
--
I Hit the Karma Cap, and All I Got Was This Lousy
forced them to release it WinXP earlier. that would have been a laugh in this gloomy end of year. now just wait and see cause WinXP SE is coming soon! and don't forget that's the road ahead. heaven is a place where there would only be bullshit on TV (hourrah, we ayeth halfway there)--Frank Zappa
if the sites slashdot links to get slashdoted, how come slashdot itself never gets slashdoted??
So say Linux takes over the desktop in the next 10 years. All the Joe Sixpacks out there running Linux decide they don't like having to login as root. They're thinking "Hey, it's my system I'll do as I please", so they stay logged in as root all the time. Wouldn't you end up with the same neverending string of security flaws and virus attacks. I'm sure most of you geeks could easily write a Linux virus, if the assumption was the user was root.
Just a thought.....
How is this informative? It's blatantly incorrect.
Linus does INDEED own a piece of the copyright to Linux. As does every contributor who hasn't signed away their ownership of the code they contribute. Just because the GPL is a "free" license, it does not grant you ownership. Read it for yourself.
People: think before moderating.
I can see the new slogan now: "Microsoft Windows XP - All your devices are belong to us"
Microsoft made available on its Web site a free fix for both home and professional editions of Windows XP and forcefully urged consumers to install it immediately.
Eek! Do they force fixes on their consumers like they force competitors out of business?
Perhaps he is jewish. You judged that he believes in christ.
Tired...
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
Does it seem to anyone else that Win* is really just a lot of bugs into which some features have inadvertently crept, despite the best efforts of Microsoft's staff?
-jeff
-- Two men say they're Jesus. One of them must be wrong. - Dire Straits
I don't believe anything like this is malicious, obviously, nor do I think this is an MS-specific problem. But to everyone who takes closed-source peer-review and QA procedures a little too seriously, please take note: a piece of brand new code in a flagship product of a multi-billion dollar software firm released in 2001 has a buffer overrun exploit. Which any teenage coder wannabe would have been able to catch had they simply had access to the code.
I can see someone taking advantage of this and writing a Code Red/Nimda type virus that targets XP machines...
oh the fun...
it allows access to raw sockets to administrators only. however, the default user account is an administrator. so while technically microsoft has done nothing wrong, it's still going to create a large problem simply because most people running XP aren't smart enough to realise they shouldn't be running under administrator all the time.
Isn't this an oxymoron akin to 'military intelligence'?
I mean really, who hasn't heard of the NSA? Or read a Tom Clancy novel....
For those who don't know what I'm talking about... read the freaking WP article!
I know it's been said time and time again, and I know it's unpopular, but Microsoft suffers not only from shoddy programming, but also from popularity.
While I doubt that Microsoft has the corner on programmers who know how to write secure code, I equally doubt all programmers who work on projects for Linux, *BSD, Mac OS X and the like have extensive training on making software secure.
Software has bugs. All software. The things that determine whether your software's bugs are found are simple:
- How good is your testing, especially before release?
- How many users use and test your code once it's released, both in beta and production?
- How many bugs make it out of internal testing and beta into production code?
Without a serious look at how many people evaluate and use your code on a daily basis, no simple count of bugs means crap.
This XP problem only spells trouble for Xbox users. The only real use for the hard drive is to install patches. What a cheapskate way to do things.
do you have to be a passport member to get this patch? if you do, this could be just another attempt to make every man, woman, and child a passport member.
Why read the article when I can just make up a snap judgement?
This was not reported before WinXP was launched.
We are now 3 weeks into December. This was reported to MS 5 weeks ago, or about 2 weeks into November. WinXP "hit stores Oct. 25" or about 3 weeks before this was reported.
Not that I like this sitting unpatched for 5 weeks, but it would be a bit hard for MS to delay releasing an OS for a bug that has not been found yet.
This is my sig. There are many like it but this one is... Oops. Frank, I've got your sig again! Where's mine?
Look, I don't use XP, so I don't know how well that "firewall" it has built-in actually works.
But really, folks, anyone who connects to the Internet NOT BEHIND A FIREWALL is playing with fire ANYWAY, regardless of OS.
Windows <insert version here> may be less secure than some alternatives but still, I'd think most folks should know by now what a firewall is and understand the importance of having one.
Oh, and BTW: a firewall is a firewall, not an app running on your desktop OS. Host-based firewalling is a nice addition to your security, but shouldn't be your only security.
Federal Reserve Banks across the U.S. have adopted a new "open door" policy allowing anyone who wishes to enter the vaults unattended, GM and Ford have agreed to stop putting brakes in cars and the USDA has decided to allow drug companies to bring new drugs to market without government testing. Come on Microsoft quit lying to us. Most stable and secure Windows yet huh? Smoking is also the safest and most efficient way to good health. Evidently the definition of secure has changed quite a bit. Microsoft is now including trojan horses in their operating system to save all of the script kiddies the trouble of writing their own tools. I can't wait to see the Office .Net. I can see it now, they'll accidentally delete your files for you to save you the trouble. Yay! Give me a friggin' break. Things always come in threes. First Windows XP, then the Segway. What's next solar powered flashlights and dehydrated water?
According to the eeye coverage:
The SSDP service also listens on Multicast and Broadcast addresses. Therefore gaining SYSTEM access to an entire network of XP machines is possible with only one anonymous UDP SSDP attack session.
Someone's gonna have a lot of fun with this one!
___
The way to see by faith is to shut the eye of reason. --Ben Franklin
"and this is the most secure version of windows ever!"
QED
BSD is for people who love UNIX. Linux is for those who hate Microsoft.
According to http://www.eeye.com/html/Research/Advisories/AD20011220.html this particular vulnerability exists on port 1900, not 5000.
:)
5000 is a different vulnerability.
Someone else posted this link about the technical info:
http://www.eeye.com/html/Research/Advisories/AD20011220.html
Best Quote:
Credit:
Discovery: Riley Hassell
With extra help from:
Ryan Permeh - for technical advice and exploitation analysis for those difficult reverse engineering situations that Ryan has wet dreams about.
hmm... for fun I enjoy launching DDoS attacks against 127.87.42.5
Ha! I heard this on AM radio before I heard it on Slashdot.
_______
2B1ASK1
I forget the trojan but the story goes like this. Bigshot vp of IT comes in from central office plugs in his laptop to our lan. We are the actual IT people in the building and have our own separate lan segment with a T1 for testing and such. Snort goes whacko as this idiot keeps on clicking on "bigboobs.exe wants to access the internet yes/no" as it goes through port after port that is blocked. I think it was norton firewall or blackice or something. The moral of the story is the personal firewall is virtually useless against idiocy unless you set some strict rules and a password on it like Tinysoft Firewall can and even then it's only a personal firewall.
An Education is the Font of All Liberty
..for some reason I've been in a time freeze. Have yet to buy presents, too. But I think the general point stands, in that security has taken a back seat to marketing with release dates of software. When major bugs are found in linux, they are fixed and a new version is released (sometimes a week within a previous version). Putting pressure on the security crowd to keep holes secret just gives MS more time to delay and reinforces the primacy of marketing. This is not just an MS problem. But MS has been at the forefront in trying to keep a lid on vulnerabilities.
When in doubt, have a man come through a door with a gun in his hand.
*cough* idiot *cough*
In this article, microsoft happens to make mention of WindowsXP's built-in PnP. I'd like to know if XP embedded therefore contains the same security flaw? And if it does, how do you patch it?
455fe10422ca29c4933f95052b792ab2
You have to remember folks, a window works 2 ways, you can look out and (apparently) people can look in.
disclaimer : My views do not represent those of every one else in slashdot.
That's almost scarier than the fact that the exploit is there in the first place. Buffer overflows just shouldn't be possible in well-written software. The fact that MS continues to get them betrays the fact that the languages, tools and/or libraries they're using to write these products are not suitable for the job, and that means there could be any number of other problems (security or otherwise) with the same products.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
I would rate it "obvious" -- not informative, but the poster I was replying to was wrong and so I pointed out the obvious thing. Blatantly incorrect? Yes, Linus + friends have copyrights on linux. My bad. The thread was discussing user's rights, so I was focused on what a user can do with linux. Namely, right of first sale is not abridged, no EULA, but the name "linux" is a trademark. Thanks for pointing out the copyright thing. I am not responsible for how others moderate my rants. Read with caution.
When in doubt, have a man come through a door with a gun in his hand.
I'm just daydreaming of rewriting the lyrics to a couple of old songs in light of this, namely the PeterPaulMary tune that ends each verse with "When will they ever learn" and Bob Dylan's "Blowin' in the wind"....
How many times must the hackers break in
Before they buy something secure?
How many times must an email infect,
before they just dump their Outlook?
How many times must they reinstall Win,
before they realize it's just crap?
The answer my friend, is blowin in the win,
the answer is blowing in the win.
[ or something like that, that's just off the cuff but you get the idea ]
try { do() || do_not(); } catch (JediException err) { yoda(err); }
Why is it emphasized or even mentioned that this patch is free? Has there ever been a MS patch that hasn't been?
"This is the first network-based, remote compromise that I'm aware of for Windows desktop systems," said Scott Culp, manager of Microsoft's security response center.
Does this remind anyone else of the history-altering society of the book 1984?
"Microsoft said a new feature of Windows XP, known as "drizzle," can automatically download the free fix, which takes several minutes to download, and prompt consumers to install it."
;)
They're being nice this time. Asking the current user. Anyone out there have XP installed? Go and look in your local users. 'Microsoft' is a local user. The installation configures it automatically. So that Microsoft I guess can run software on your computer without your knowledge to 'help' you. Wanna bet any local user could say yes to the drizzle request? Wanna bet they could fix this remote access hack by remotely hacking into your box and running code?
Discuss.
---K2K was here---
I was right the first time, sorry. :) SSDP (Simple Service Discovery Protocol) lives on port 5000.
Go to Services and disable Universal Plug and Play. Unless I'm mistaken, the only thing UPnP is good for right now is if your fridge or TV has a Cat-5 interface.
There are a huge number of yeast infections in this county. Probably because we're downriver from the bread factory.
This is how MS was going to get the states on board -- log into their XP boxes and rewrite the legal docs. =)
Well, who needs FBI's "Magic lantern" when Bill is already sitting in the box, operating his full stadium light show at port 1900 ?
:-)
Federal Mail Fraud - Title 18, Section 1341 (Frauds and Swindles) (has a nice ring doesn't it.) (Or Federal Wire Fraud for that matter - Title 18, Section 1343 - elements only slightly different.)
"Whoever" - That would include Microsoft - a corporate entity under U.S. law, and certainly a company that has generously availed itself of U.S. criminal and civil law in pursuing its business. (Live by the sword, Die by the sword - paraphrasing Matthew)
"having devised or intending to devise any scheme or artifice to defraud"
Knowingly:
"flaws, discovered five weeks ago by independent security researchers" MS has known for five weeks, or perhaps slightly less. Easily established by the testimony of the "independent security researchers"
Or even Scott Culp - Head of Microsoft Security (Public statement against interest - not hearsay)
"This is the first network-based, remote compromise that I'm aware of for Windows desktop systems,"
Who cares whether it is the first. It is enough that he, a lawful and selected representative of Microsoft clearly speaking on behalf of the company, is and was aware of it. Certainly during the time it took to write a patch. But there was a better remedy that would have avoided defrauding hundreds of thousands of customers. Suspension of all sales.
Makes a false statement:
This one is easy. Copious statements representing the adequacy of security of this product. Millions upon millions on advertising to convince us all what a secure OS XP is. Maybe we are all too used to being lied to. But the fraud is not against the /. user, it is against the poor rubes that MS tells to "fly."
Causing another to change position:
Sales may be a bit below 95 or 98, but we are still talking a large number of victims here.
And obtaining money as a consequence of the misrepresentation:
Well, they are selling it. Who in their right mind would pirate it? You could readily prove this element with their quarterly SEC filings. Official business records/legally required disclosure.
As far as the scheme to defraud, - start with the web page and work your way down. The represented reason for withholding this information is that it "threatened to undermine widespread adoption of Microsoft's latest Windows software." This is classic. They are admitting that they knew that if they told the truth, people would not buy it. Even if they didn't say this "on the record," and it is considered hyperbole on the part of the reporter, it is easily proven by the circumstances. Now editorial comment that MS is somehow anticipated to be a "catalyst for the sagging" industry is really no defense. Microsoft wanted to cause people to buy software that has a "very serious vulnerability" in order to accelerate their business.
Sounds like most mail fraud operations I've ever heard of.
"or for obtaining money or property by means of false or fraudulent pretenses, representations, or promises,"
MS Web page: "Now Windows XP offers strong security to home computer users through Internet Connection Firewall protection, which makes your information, computers, and family data safer from intruders as soon as you start using Windows XP."
MS Web page: "Enjoy the new standard in dependability and simplicity ... Secure and private...
"places in any post office or authorized depository for mail matter or thing"
Microsoft Website - buy XP by mail -
http://www.microsoft.com/windowsxp/home/howtobuy/purchase.asp
"Shall be fined not more than $1,000 or imprisoned not more than five years, or both."
Don't you wonder how many they sold by mail? X = n * $1,000. Y = n * 5 years.
"If the violation affects a financial institution, such person shall be fined not more than $1,000,000 or imprisoned not more than 30 years, or both."
Hmm? Any banks buy a copy? More than one? You do the math.
One more crime, just for good measure. (Given a couple hours I could find half a dozen more) Under California Law, Theft of Computer Services (Title 13, Section 502) includes: a) "Knowingly and without permission accesses or causes to be accessed any computer, computer system, or computer network." And
b) "Knowingly introduces any computer contaminant into any computer, computer system, or computer network."
Call it a bug, or after they knew about it, call it a virus. Whichever, it certainly looks like a "computer contaminant."
And now the punch line.
18 U.S.C.A. 981
981. Civil forfeiture
(a)(1) The following property is subject to forfeiture to the United States:
"(D) Any property, real or personal, which represents or is traceable to the gross receipts obtained, directly or indirectly, from a violation of--
(v) section 1341 (relating to mail fraud);
Let that one percolate, and then move on to the one I think someone ought to be working on:
18 U.S.C.A. 1961
Racketeer Influenced and Corrupt Organizations - RICO
As used in this chapter [18 USCS Sections 1961 et seq.] (1) "racketeering activity" means ... (B) any act which is indictable under ... section 1341 (mail fraud), "
And if the underlying facts in the Antitrust suit being upheld through ALL appeals is not sufficient to establish a "Corrupt Organization," what is?
The Attorney General must take action against Microsoft. Nothing else will amend their standard of care!
Quis Custodiet Ipsos Custodes "Who Keeps the Keepers Themselves" ~ Juvenal
Win98 doesn't have UPnP... In fact the UPnP spec wasn't even drafted until June'2000...
Only ME/XP have it, but it's off by default..
Wanna know why its off by default?
UPnP works like this:
1.) Turn on UPnP device, it then multicasts a "hello"
2.) UPnP Control Points within 4 hops, (ie WinXP/ME) receive multicast, and do an HTTP get on description documents...
Now... Imagine if you have a network of 100s or even 1000s of computers, and you flip on a couple UPnP devices... Can you say network storm?
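As an added illustration of the discovery flow described in the comment above (not part of the thread, and not Microsoft's implementation), here is one way a control point could bound that behaviour: cap and parse the multicast NOTIFY, fetch the description only from the announcing host, and throttle repeat fetches. The class and function names, the limits, and the sample datagram are all assumptions constructed for this sketch.

```python
import ipaddress
import time
from urllib.parse import urlsplit

# All limits are assumptions chosen for this example, not values from a spec.
MAX_DATAGRAM = 2048       # bytes accepted from one UDP announcement
MAX_HEADERS = 32          # header lines accepted per announcement
MIN_FETCH_INTERVAL = 30   # seconds between fetches of the same description URL
MAX_TRACKED_URLS = 256    # bound on throttle state kept in memory

# Constructed sample of the "hello" a device multicasts when switched on.
SAMPLE_ALIVE = (
    b"NOTIFY * HTTP/1.1\r\n"
    b"HOST: 239.255.255.250:1900\r\n"
    b"CACHE-CONTROL: max-age=1800\r\n"
    b"LOCATION: http://192.168.1.20:2869/desc.xml\r\n"
    b"NT: upnp:rootdevice\r\n"
    b"NTS: ssdp:alive\r\n"
    b"USN: uuid:00000000-0000-0000-0000-000000000001::upnp:rootdevice\r\n"
    b"\r\n"
)


class SsdpError(ValueError):
    """Raised for any announcement the control point refuses to act on."""


def parse_notify(datagram):
    """Parse one NOTIFY datagram into {UPPER-CASED-NAME: value}, with hard caps."""
    if len(datagram) > MAX_DATAGRAM:
        raise SsdpError("datagram too large")
    try:
        lines = datagram.decode("ascii").split("\r\n")
    except UnicodeDecodeError:
        raise SsdpError("non-ASCII bytes in header block") from None
    if lines[0] != "NOTIFY * HTTP/1.1":
        raise SsdpError("not a NOTIFY request")
    headers = {}
    for line in lines[1:]:
        if line == "":
            break                      # blank line ends the header block
        if len(headers) >= MAX_HEADERS:
            raise SsdpError("too many headers")
        name, sep, value = line.partition(":")
        if not sep or not name.strip():
            raise SsdpError("malformed header line")
        headers[name.strip().upper()] = value.strip()
    for required in ("NT", "NTS", "USN"):
        if required not in headers:
            raise SsdpError("missing " + required)
    return headers


def check_location(location, sender_ip):
    """Return location only if it is a plain http URL on the announcing host."""
    try:
        parts = urlsplit(location)
        parts.port                     # raises ValueError on a malformed port
        host = ipaddress.ip_address(parts.hostname or "")
    except ValueError:
        raise SsdpError("unparseable LOCATION") from None
    if parts.scheme != "http" or parts.username or parts.password:
        raise SsdpError("LOCATION must be a plain http URL")
    if host != ipaddress.ip_address(sender_ip):
        raise SsdpError("LOCATION host differs from the sender")
    if host.is_loopback or not host.is_private:
        raise SsdpError("LOCATION host is not on a private network")
    return location


class ControlPoint:
    """Decides whether an announcement should trigger a description fetch."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._last_fetch = {}          # description URL -> time of last fetch

    def handle(self, datagram, sender_ip):
        """Return the URL to GET, or None when nothing should be fetched."""
        headers = parse_notify(datagram)
        if headers["NTS"] != "ssdp:alive":
            return None                # byebye/update never trigger a fetch
        url = check_location(headers.get("LOCATION", ""), sender_ip)
        now = self._clock()
        last = self._last_fetch.get(url)
        if last is not None and now - last < MIN_FETCH_INTERVAL:
            return None                # announced again too soon: no second GET
        if last is None and len(self._last_fetch) >= MAX_TRACKED_URLS:
            return None                # state table full: drop rather than grow
        self._last_fetch[url] = now
        return url
```

The throttle is keyed on the description URL because a single device announces itself several times (once per device and service type) with the same LOCATION, which is where the fetch storm the comment describes comes from.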
If you actually read the bulletin, you will see that it only affects you, if you are running Internet Connection Sharing. This story, makes it seem as if you are vulnerable no matter what.
/. readers are using ICS? heh.....
This isn't a "go get the patch, or die" patch, but "get the patch if you run ICS" patch.
And how man
Sure, go get the patch, just in case you decide to run ICS on your machines (god knows why you want to do that.....)
--Frank
"Neither life nor happiness can be achieved by the pursuit of irrational whims." --Ayn Rand
This should be redundant by now. The reason that flaws like this exist and the reason they will continue to exist forever is that it's more profitable to produce untested (more or less) software than it is to produce secure software.
Think auto manufacturers. They know every subtle flaw of their vehicles, and they will sell them with faulty gas tanks or whatever if the expected liability resulting from failures is less than the cost of good equipment.
Think major airlines. They care more about the perception of security than true security. Compare the security measures taken by any major US airline to El-Al. All US carriers care about is the bottom line, and quite frankly it is more profitable to let a plane get hijacked every once in a while than to make all flights truly safe. El-Al, on the other hand, is truly concerned about security and takes all kinds of measures that would make the fat cats at US airlines shiver when they heard the cost.
In the case of Micro$oft, there is no liability from insecure product, per se. There is only the risk of reduced sales, which can be mitigated by a savvy-enough lie^H^H^H^Hpress release.
Whether Microsoft knew or didn't know (or should have known) of this flaw when they shipped XP is splitting hairs. It is a business decision to write crappy code...one that M$ has found quite profitable...
-AC
Unfortunately, those of us still running the Preview version of XP are out of luck, as the patch (which was hyped so badly on the news that my wife called me at work to make sure her novel wouldn't be deleted) only installs on Windows XP gold.
:) I have the Universal Plug and Play Device Host and SSDP Discovery services disabled, but have no idea if that is enough to stop the exploit.
Does anyone know of a workaround for us previewers? (Other than booting Linux...
eEye Digital Security:
:-)
We would strongly suggest denying all UPNP traffic at your internet borders as there is really no need to allow UPNP traffic across the Internet.
Microsoft Technet:
What can corporate firewalls do:
Block all traffic on port 1600 and 5000.
Doesn't happen often that technet gives more information than a released security alert
bash$
Running out of witty comments for these microsoft security flaws........will have one when the next security hole is discovered.......let's see, that's about 2 hours from now?
"I disapprove of what you say, but I will defend to the death your right to say it." - Voltaire
It's not a bug, it's a feature!
Windows is for people who can't wipe their own asses. You expect someone who can not change their homepage to implement a firewall?
War is necrophilia.
They were right! The terrorists DID get in to XP! I hate reverse psychology! "If you don't buy XP...the terrorists win."
"No OS is perfectly secure, but I bet a lot of new XP owners won't be too happy about this."
Perhaps fewer than you might think, because first they have to know about the hole, then they have to care. In my experience, the average joe doesn't understand the implications at all, and asks "why would anyone want to break into my system anyway? I have nothing of interest or value there."
As Slashdotters we tend to highly over-estimate the level of understanding of the average joe with regard to security issues and YRO in general. Sad, but all too true 8^{
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Yeppers.
Now this thread is over. Please move on...
There are going to be many security flaws in any major piece of software. Everyone is looking closely at WindowsXP because it is the next big thing.
As for the "Linux, anyone" comments? Linux is fine for the desktop, unless you actually want to run any popular software... But I guess 0.25 percent of web surfers can't be wrong.
AdamTrace
yea, that's why it's installed & enabled in the default XP install routine.
it's a lot like zonealarm in functionality, but most people are using it alongside zonealarm from what I've seen.
Windows is for people who can't wipe their own asses.
Come on. It's that kind of comment that earns us an elitist reputation. I've worked with plenty of Windows users and overheard them rustling paper in the stall, but never asking for help.
Now, it is true that they rarely wash their hands afterwards, but it's not because they don't know how. It's because they know they'll be handling another big piece of shit when they get back to their desks anyway, so why bother?
Windows is for people who can't wipe their own asses. You expect someone who can not change their homepage to implement a firewall?
Good thing it's enabled by default, huh?
NO CARRIER
And don't call me Shirley.
...grows best in dark, next to the mushrooms.
Microsoft doesn't do code inspections. I believe that this explains a lot of their "bugs". Any software development team, where quality is critical, inspects *every* line of code. And that doesn't mean "make the rookies do code inspections". I'm talking seasoned programmers spending hours and hours walking through code.
They will ship "there's-someone-you-don't-know-inside" stickers :-)
Should read, "The answer my friend, is --- win blows."
Microsoft might wish to use this flaw to justify a more granular license renewal scheme. Windows could disable its network interface every month, allowing the user only to connect to MSN to renew his license and download the latest bug fixes. That would enable a usage based pricing model. The people who use the software the most should pay the most, right?
I don't see this patch listed when I go to windows update? Is this just me or are more people not going to think they need to download the patch because it doesn't show up?
-next we'll see an exploit that redirects a user to "auto-update" (or "drizzle" ??) to a nefarious website (rather than MS) that installs all sorts of back doors and vulnerabilities, leaving the box wide open!
BTW- whenever I hear the word "appliances," I envision a nightmarish world of trying to get the dishwasher to work amidst a storm of DOS attacks... or the house burning down because hackers made it into the oven (where I hid all those dirty dishes)... or all the wasted food from the email virus that defrosted the fridge, or waking up in the middle of the night in a sweat because someone turned the heat to 95
Those that suggest you "dance like no one is watching" really want to see you make a complete fool of yourself.
Maybe in the OS, but certainly not with their processors. Hmm, what company forced their customers into silence when their cache had a serious bug? NDA, or no support. Sounds open to me.
Remember that?
.net initiative will probably be MS' Waterloo. My bets are for them to be the French.
The 'successful' way to develop shrinkwrap software has been to quickly get to market, preferably first, with whatever you got, barely working, buggy or whatever. Then upgrade, etc. Microsoft has been very successful doing things that way. So they release XP the same way, and here we go, a major bug that opens the OS to the world.
How long and how expensive would it be to do a thorough code security audit of the os? It would tie up a group of the best coders (a rare commodity even for MS), and probably a year. No wonder they don't do it.
Here is how the internet changes things. They couldn't survive if they did it properly, but they may not survive if they don't.
Recent security audits notwithstanding, the
Derek
What did Pericles compare Athens' newly glorified acropolis to? Jewels on a whore. History is instructive indeed, thank you Thucydides.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
Slight correction: Windows is for people who like to play Return to Castle Wolfenstein. I prefer a dual boot, so I have the option to play something more advanced than Tux Racer, but also have the option to run a secure, stable system while I am coding. At least I know how to take a break...
Folks,
I think at least Microsoft has done something to immediately close this security hole.
If you want to get notification of any security patches for any Microsoft product, their security web page (www.microsoft.com/security) allows you to sign up for an email notification service that gives email warnings about possible security problems and available patches to correct said problem.
It's also a good practice to regularly visit the Windows Update web page (windowsupdate.microsoft.com). That page has Critical Updates that includes security patches.
Stupid Dumb f*ck MS. Gee, another security flaw, who'd have thought? Maybe now I can convince my boss to use *nix.
Now if we really dislike windows, why are we sending in so much information about its flaws?
Why don't we instead just let the XP bugs roam free, with the least amount of public information, so its users will just have to pay the costs with bug ridden machines? That's nasty, but there's nothing like a break-in to make one consider the cost of an insecure OS.
Just an idea.
Let's wildly speculate here. At M$, they put on the glossy brochure to attest to the security of XP, all the while "engineering" large backdoors in the security. 98% of the population loads the product, BEFORE THE FIRST SERVICE PACK for cryin' out loud. M$ now has control over many systems and can glean whatever knowledge they want, perhaps even plant other code. When an independent organization or person finds and discloses the gaping security hole, they switch to the "feign concern" mode. Shortly after, they have a fix for it, something they were working on from the beginning. They still have a load of PC users who will never load the SP or patch, where they still have access to SYSTEM account. It would also not be surprising they use the knowledge gained from those machines to feed marketing data folks, probably a sweet deal for them.
The above prose is fiction.
Believe in things of which no person has ever learned
I checked my "failed connect" logs and, no hits on port 5000 yet, nor in the last 5 weeks. Maybe it's not a kiddie toy yet?
Success is as dangerous as failure, hope as hollow as fear.
It's a shame that we all have to wait for 'issues to be resolved...' before using a 'new' OS, driver, or application. Common phrases heard in a real environment. (real as in work/production, not home desktop or hack machine) "We're not upgrading until SP3 is available." "We advise you not upgrade to RedHat 7.0," "Please wait at least until redhat 7.1 is available," etc..
As maybe your atypical programmer, I take great care in my programming. If my name is going to be associated with it, I'm not releasing shit code. I work and have worked with programmers that knowingly code flawed code and rely on QA catching the problem to buy some time. How can someone do that? Turns my stomach. So what happens if you've got a careless programmer and careless QA? Big known bug-a-boo slips out the door.
All I really would like to say is take pride in your work. Be careful and don't release shit code. No, I don't write bug free code. Yes, I have missed deadlines, but only by days, not weeks/months. No I've never gotten slack from missing a deadline b/c I spend less time in post support. I'd rather deal with issues up front while it's fresh in the head than to fuck with code several months after the fact.
*hops off soapbox*
Might be worth noting that the TechNet bulletin and patches were available about an hour prior to this /. article being posted.
It's a good idea to sign up to the TechNet security bulletin mailing list. You get all of this news early.
Every time after reading slashdot I have to run Windows Update... it's getting annoying :)
... use linux... Blah Blah Blah
Reply:
Blah Blah Blah
Come on, people, does this really matter? Surely everyone knows that if you have or do anything important on your computer, you don't use Microsoft stuff.
I mean, rational human beings are able to learn from repeated experiences, right? This planet has intelligent life ... RIGHT?
I have to believe it's true. Therefore, this security flaw impacts no one.
Not according to MS.
War is necrophilia.
IMAO it's only a question of a pop-up or assigning a colorcode to attachments...or making the users read a short note on e-mail security.
MS keeps their head in the sand...no mention of this on their main web page...
n o t h i n g......
Why doesn't Microsoft install the patches by port scanning for the vulnerability?
Why only UPNP?
.. do you want to supply one... is asking for trouble Even a signed driver - if it is old - may have buffer overflow vulnerabilities - use this to set diagnostic modes on a video card chip feature, then using dma to go a wandering.
The protocol for normal PNP and USB devices, and physically plugging in new cards, or altering an old card with an overlapping or unknown identification code may invoke system level install processes - windows has detected new hardware - cannot find a driver
The trusting registry needs to REJECT all new hardware and devices by default, and an implicit acl check on the ones it has.
That would make windows very unfriendly, and also knock out identical cards with different firmware.
Thankfully, the video card manufacturers are not telling, what security nasties are lurking, but it is an area ripe for discovery.
Super Patch available here: Solves all known and future XP problems.
http://www.sun.com/software/solaris/binaries/get.html
So it is only them (the biggest hope of MS continuing making a profit) that are affected.
Then it is fine, those corporate bastards.
IANAL but write like a drunk one.
Even if this is wrong, it's not a troll. Moderators take note: difference of opinion is the root of all evil.
Moron.
Go back and read what they wrote. Microsoft (as in the company) are forcibly urging customers to install the upgrade. Not the OS. The company.
Forcible \For"ci*ble\, a. [Cf. OF. forcible forcible, forceable that may be forced.] 1. Possessing force; characterized by force, efficiency, or energy; powerful; efficacious; impressive; influential.
(from the Webster's Revised Unabridged Dictionary)
It's not even a nasty term!
Sheesh - I mean, I know the editors get it wrong often enough, but do we really need to harsh them when they get something right?
-Shane Stephens
It's people like you who give Linux a bad name. Lay off the crack and try to act like a sane person. Thank you.
You can argue that it's not a very good idea to give too much information of a hole before a patch exists. Especially if the software is widely used. But this was new software which Microsoft has been happily selling for the last five weeks knowing that there is a big security hole.
The minimum they should have done is to tell right away that XP has a security hole and that it's unsafe to connect it to the internet.
If they acted responsibly, they should have stopped the sales, fixed the hole and rereleased. It's expensive but the security of all those clients should be more important. Especially as Microsoft has the money to do that.
Can you sue if you get attacked thanks to this hole and you have bought XP within last five weeks? Microsoft knew about the risk but ignored your safety? I sure hope some will as I'd hate see any company get away with this.
Kiwaiti
P.S.: To think that I'm actually posting this from a 2000 box at work... *shudder* ...thank god I'm not responsible for its security!
Member of the Legion Of Microsoft Haters
If my memory serves, you need to sign up for Passport to receive updates for XP. Maybe I am being too cynical, but isn't this just a little too convenient for Microsoft to have something that essentially requires ALL XP users to comply and sign up for Passport or their machines could be "taken over" just by connecting to the Internet?
Solitaire is very cleverly disguised tool for training new users to use the pointing device.
Is it possible that MS is intentionally inserting these bugs into the code, so its software is ALWAYS open to people with the right amount of power *N S A* to break into your computer?
Or some kind of spying of foreign companies *E c h e l o n*
Or such?
You know... maybe Mr. Osama is running WinXP...
There's an old saying...."...locks were meant to keep out the honest" (good hackers have never had to worry about them, they make their own doors).
I don't have XP installed but my co-worker does and he showed it to me. Do some more digging.