Shattering Windows

ChrisPaget writes: "I've just released a paper documenting and exploiting fundamental flaws in the Win32 API. Essentially, they allow you to take control of any window on your desktop, regardless of whether that window is running as you, localsystem, or anywhere in between. The technique has been discussed before, but AFAIK this is the first working exploit. Oh, did I mention it's unfixable?" You may want to read this CNET interview with Microsoft security head Scott Charney to learn even more about "trustworthy computing."

FP

Microsoft Standard First Post 1.0.

Jeez

[roguerez]

That's really OLD. Like >15 years or so. It's not comparable at all to X-Windows where the clients run on a multi-user system.

here we go

[tps12]

Well, what can I say to this? We've all suspected that poor design could finally bite Micro$oft for real. And now here it is. The unpatchable security hole.

I think this is the end of Windows.

What can they do? Where can they go? Even if M$ could take all of its employees off the Office, X-Box, and every other project, and put them to work on a new OS, it would be months before it could be released, and more months before there were any applications for it. By that time, most or all of the existing Windows base will have been compromised.

It's kind of unfortunate that Linux will win, not based on its (considerable) technical merits, but because of a Windows design flaw. But in the end, all computer users will be better off, so I can't complain. Welcome to the world without Windows.

Re:here we go

[turbine216]

The END of WINDOWS? Christ, could you pack just a little more apocalyptic FUD into that statement?

This "exploit" is hardly even an exploit - it requires the ability to run arbitrary code. And if just anybody can acquire the ability to run arbitrary code, then i would say the problem runs a bit deeper than msgsvr32.dll.

Here's something to chew on, zealot: use this exploit on my win2k server. I dare you. What? You can't get in? Oh, you mean the BASIC SECURITY FEATURES BUILT INTO THE OPERATING SYSTEM HAVE THWARTED THIS EXPLOIT BEFORE IT COULD EVEN GET OFF THE GROUND? That's what I thought.

Christ, your drivel is actually making me sick. Do you actually believe what you just wrote?

Is this really a security risk?

[turbine216]

This whole exploit seems flawed in its assumptions...I mean, how can it be classified as a security risk of ANY sort if it requires that someone is sitting in front of the computer? It seems like this is something that could easily (EASILY) be avoided by - wait for it - preventing unauthorized access! Something that Windows has been doing pretty well since Windows 2000 (flame on, zealots, but it's true).

Sounds like this guy is just trying to gain cool-guy points with the slashbot crowd by showing off his 1337 windoze hacking skillz. Pass.

Re:Take control?

[Tassleman]

You're either full of shit or have some bad hardware in your box. Alternatively, you could just be incompetent or want to join in on the MS bashing with all the others. Either way, BS.

Re:Take control?

[Moonshadow]

No, his first mistake was running IIS.

The second was running an internet-visible server on Windows.

*shudder*

I'm a big fan of Windows workstations. They let you work quickly and get the stuff done that needs to be done. However, the need for user friendliness isn't there with servers. A server should be run and maintained by someone who knows what they're doing, both in the arenas of security and optimization. Running a webserver on Windows is somewhat indicitive of a lack of both.

I in no way, shape, or form advocate, condone, or approve of Windows servers. Not good.