Slashdot Mirror
Microsoft Discloses Security Flaws in XP and WMPlayer
An anonymous reader writes: "Salon is running a story on Microsoft's disclosure of a number of security flaws in WinXP and Windows Media Player, versions 6.4 and 7.1. The story also states that there are 2 critical vulnerabilities in Commerce Server 2000. Will I ever get the bang for my MS buck?"
After seeing holes in OpenBSD and Apache recently, I guess it's Microsoft's turn again. ;)
The article implies that these vunerabilities haven't been patched. Funnily enough, I downloaded the patches from Windows Update last night, thanks to XP's auto-update feature.
Every Operating System and application has bugs. If there were security bugs in Linux or Freeamp, would it warrant front page news?
Not wishing to be Flamebaity at all. MS have a lot of things severely wrong with them. For once they've dealt with an issue in timely fashion. This is not the Anti-MS rhetoric you're looking for.
"Why did they cancel my favorite Sci-Fi show? I downloaded ALL the episodes!"
http://www.microsoft.com/technet/treeview/default. asp?url=/technet/security/bulletin/MS02-032.asp
Would it have killed ya to post this as well Timmy? =P
This morning windows updater had already downloaded the patches, all I had to do was confirm the installation.
People can whine all they want about that there are security flaws and ofcourse it's sad these still pop up, but the patches are there, the system to install them is VERY easy (just click one single button) so in the end, the end-user is not that much hurt by them, simply because the patches are installed so easily.
The discussions about 'security flaw free' software are endless and allthough they should be held, are nowhere near consensus: as long as there are humans involved in hammering out code and as long as the computer/software based checkinglogic is not up to par as where it should be, these flaws WILL be there, possibly in every tool written by man. Until computer science reaches the point where a compiler can proof that software is security flaw free, we should be grateful that the FIXES for security flaws are installed using the most easiest way: by simply clicking one single button.
Never underestimate the relief of true separation of Religion and State.
You should have read the installation instructions. I'm not sure about Redhat but my Debian asks if it may overwrite the MBR while Windos does it unconditionally.
And
> Before this, I was a neutral in the Linux vs. Microsoft debate.
I don't buy that. If you weren't biased towards Windos in the first place you wouldn't have given up on the first minor problem and blame Linux for something which is your own fault.
If I had given up on installing Windos because of commensurable issues (I actually did this several times, though I never seriously used it) I would never have gotten any Windos to run -- except on my laptop, where it came preinstalled (I'd rather have it without, but they don't sell it, and you know why).
He saw some dirty arabs and fired. Too bad it was just some friendly kurds, BBC reporters and his fellow cowboys.
Sounds like your friend needs to take that sticky pad and write a script. Then create a big icon for the script and call it "Get Yahoo Mail, Click Here".
I have no idea if that can be done in windows. I know that it can be done with most, if not all, Linux desktop enviroments.
Linux on the desktop does not need to be "difficult". Linux remains the better option over Windows, you just have to get over being lazy. The bad news is you have to learn something new. The good news is you're gonna learn something new, and it's going to work.
So what if your friends mom can't/won't write scritps to automate her computing tasks. You do it for her for a fee (even if it's just chocolate chip cookies). You set up a Linux desktop for her once. Give her one button access to the things she wants to do and she'll be out of your hair. She damn sure won't be calling you to come fix her computer because of the daily BSOD.
. Quit playing Monopoly with Bill. Switch to one of many non-Microsoft products today.
From http://www.microsoft.com/technet/treeview/default
Never confuse volume with power.
Since no one else has answered:
The bug is really only a technical one. In practice, it's really like that "Perrun" hoax virus, in that it requires a huge amount of setup and complete access to the system in order to gain... well, to gain complete access to the system, which an attack would already need in order to use this bug maliciously. Basically, Windows Media Player can remotely open up the system if the attacker has found a way to get a malicious executable file into IE's cache and then convinces their victim to go to a maliciously constructed website that they've setup. When the victim goes to the maliciously constructed website, Windows Media Player could then give out information that could be used to get into the system through the IE cache.
The problem lies in the specific executable file that has to be placed into the cache. In order to get the executable file into the cache, the attacker would have to have full access to the machine or trick the user into accepting it and running it. But if they could get the user to do that, they would have full control of the system anyway, just like they would if the victim was running any OS other than Windows.
So really, it's just a small, stupid bug that's being blown out of proportion. It can't do anything other than redundantly take over a computer after it has already been taken over in a different way.
GreyWolf3000 wrote:
> Why on earth would there be a bug in Media player
> that allows uncontrolled access to the system.
> What we have here folks is a very good example of
> what a horribly designed OS Windows is...
XP isn't Palladium (yet), but it is a/the DRM OS. Microsoft's Media player is like a trap door that leads down to the core of the system. In the center of the OS, behind that trapdoor, sits a huge spider called DRM. Every file loaded, whether a document or media file, an application, or a driver, has to pass DRM's inspection. DRM checks to see that those documents and media files are legally licensed, and those drivers and applications are approved by Microsoft (don't want any of that cancerous GNU goop around). Anything that smells even slightly fishy to DRM gets pounced on and eaten. Anything that passes muster, gets passed on to the OS and applications for use.
In unix-speak, that DRM spider would be the god of root, able to tell even root what they can and cannot do. If you try to work around DRM and do what you want with the idiot box you paid for, DRM calls on his old bud DMCA, and DMCA sends the nice folks from the FBI to cart you and your PC off to separate jail cells.
Since everything the media player plays goes through DRM, it is easy to see how a media player bug could affect the whole system. And since DRM is relatively new, it will have bugs itself. And since DRM is potentially updated everytime you download a song (check your XP EULA), the potential for disaster is high. Yes it is horrible design. Then again, DRM is a horrible concept.
That's the price one pays for doing business with a company that treats their customers like potential criminals. The ironic thing is that Microsoft is the one convicted of breaking the law.
What happens when you embrace and extend Godzilla? Nuclear heartburn!
See "Godzilla 2000" (released in Japan as "Godzilla 2000 Millenium") for details.
The problem lies in the specific executable file that has to be placed into the cache.
Not a problem. The system will dump ANYTHING it is given into the cache. Take a virus.exe file and rename it to banner.jpg or something. The browser drops it in the cache with a randomized the name and sub-folder. Since it's not actually a jpg or whatever it may be silently ignored. If an attacker can discover the randomized name and location in the cache he can tell the OS to run it as an EXE. It isn't simple, but all the required steps HAVE been worked out and are available on the net.
So no, this is not "a small, stupid bug that's being blown out of proportion".
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.