Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Refuses To Fix NT 4.0 Exploit

Posted by CowboyNeal on from the no-visible-means-of-support dept.

shmigget writes "The Register is reporting that Microsoft is throwing in the towel as far as NT 4 is concerned on the latest security flaw to affect Windows 2000, XP, and NT 4. They quote Microsoft as saying 'The architectural limitations of Windows NT 4.0 do not support the changes that would be required to remove this vulnerability.'" There still is a workaround for NT 4.0. Instead of patching the problem, it's advised to firewall off port 135 on an affected machine.

20 of 664 comments (clear)

  1. ZoneAlarm by yycs · · Score: 5, Funny

    So in effect, ZoneAlarm could be considered as a patch for this problem??

    1. Re:ZoneAlarm by Erris · · Score: 2, Funny

      That or IP chains on a 486 could help protect your wimpy little M$ box from the big bad internet. Need help with those pesky chain rules? Try plonk. The best patch I've seen so far is the M$ Offswitch. What was the wonderful New Technology, NT, good for again?

      --
      DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
    2. Re:ZoneAlarm by technos · · Score: 3, Funny

      Oh.. Oww.. No, you don't want to even break wind in the same room as those. It's hard enough to get them up running stable in the first place

      --
      .sig: Now legally binding!
    3. Re:ZoneAlarm by kir · · Score: 2, Funny
      It's getting comon to Block all ICMP messages even though they are needed for things like packet size negotiation and error reporting.

      I hate firewall admins that block all ICMP. I hate them. It should be legal to kill them... well... at least hurt them.

      I work with the DoD. They use encryption devices quite a bit. These devices always request fragmentation (they need some room too you know). I don't know how many times I've pleaded with a firewall admin to let ICMP type 3 (code 4) through.

      I'm starting to go bald and it's all ICMP's fault.

      --
      3cx.org - A truly bad website.
    4. Re:ZoneAlarm by The+Welcome+Rain · · Score: 2, Funny
      Impossible, adj.:
      1. I wouldn't like it and when it happens I won't approve;
      2. I can't be bothered;
      3. God can't be bothered.
      Meaning (3) may perhaps be valid but the others are 101% whaledreck.
      -- Chad Mulligan, The Hipcrime Vocab
      from John Brunner's Stand on Zanzibar
      --
      Some keywords for the NSA in the Lord of the Rings universe: One Ring bind find Sauron quest Nazgul freedom
  2. M$ says by Rooked_One · · Score: 1, Funny
    M$ Exec's - "Ficksing it is two hurd for us. Lets jest stop seportang it."

    M$ Programmers - "But its a product that is still in use, we have a responsibility to our customers."

    M$ Exec's - "Wats this respongeability you say?"

  3. Honesty Filter by waldoj · · Score: 4, Funny

    After running this through the honesty filter, we come out with:

    "Windows is fundamentally insecure. Suck it up."

    Gotta love the honesty.

    -Waldo Jaquith

  4. ... ways by Rock · · Score: 2, Funny

    Ve haf ways of making you upgrade, ya!?!

    --
    - - -
    "The sixth sick shiek's sixth sheep's sick."
  5. Coming Soon! New Microsoft tagline by JoeShmoe · · Score: 4, Funny

    "Windows XP Professional is built upon the rock-solid reliability of Windows NT technology, the architechture that is so fundamentally limited that it does not support the changes required to remove significant vulnerabilities."

    Doesn't have quite the same ring to it.

    - JoeShmoe
    .

    --
    -- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
  6. Re:Whats a Bxploit? by Pxtl · · Score: 2, Funny

    I'm confused at that - those keys aren't even next to each other - how could that typo have existed? Maybe a Dvorak?

    Or is it a bizarre acronym? Back-Exploit, 'cause its an old software version?

  7. Give them a break. Really. by burgburgburg · · Score: 4, Funny
    If you had to deal with half as many security flaws/exploits/holes as Microsoft, you'd be tired too.

    Plus, why are people so irksome in not upgrading to ever newer and more expensive operating systems like they're supposed to? Constantly forcing Microsoft to keep looking back over legacy code. It's ugly, dirty and scary back there, not like in candy XP land.

  8. Microsoft Refuses To Fix Bxploit by Anonymous Coward · · Score: 1, Funny

    Those Eastards!

  9. Bring out your dead... by A_Non_Moose · · Score: 2, Funny

    NT4: I'm not dead yet.

    Microsoft: Yes you are, you just don't know it.

    NT4: Really, I'm very much alive.

    Microsoft: No, you're very sick and could give over any minute now. ..and on and on.

    (I'm so ashamed I can't recall that conversation verbatum...
    Getting old, I suppose.)

    --
    Have you read the moderator guidelines? Well, have you, PUNK? (and I want a Karma: Gnarly option)
    1. Re:Bring out your dead... by DoubleD · · Score: 2, Funny
      Full(modified) version. Original courtesy of www.imdb.com And no, I couldnt remember the full text either.
      • /dev/null: Bring out yer dead!
      • Microsoft: Here's one.
      • /dev/null: That'll be ninepence.
      • NT4: I'm not dead!
      • /dev/null: What?
      • Microsoft: Nothing. There's your ninepence.
      • NT4: I'm not dead!
      • /dev/null: 'Ere, he says he's not dead.
      • Microsoft: Yes he is.
      • NT4: I'm not!
      • /dev/null: He isn't.
      • Microsoft: Well, he will be soon, he's very ill.
      • NT4: I'm getting better!
      • Microsoft: No you're not, you'll be stone dead in a moment.
      • /dev/null: Well, I can't take him like that. It's against regulations.
      • NT4: I don't want to go on the cart!
      • Microsoft: Oh, don't be such a baby.
      • /dev/null: I can't take him.
      • NT4: I feel fine!
      • Microsoft: Oh, do me a favor.
      • /dev/null: I can't!
      • Microsoft: Well, can you hang around for a couple of minutes? He won't be long.
      • /dev/null: I promised I'd be at SCO. They've lost nine today.
      • Microsoft: Well, when's your next round?
      • /dev/null: Thursday.
      • NT4: I think I'll go for a walk!
      • Microsoft: You're not fooling anyone, you know.
      • Isn't there anything you could do?
      • NT4: I feel happy! I feel happy!
      • [/dev/null glances up and down the street furtively, then silences WindowsNT4 with his a whack of his club.]
      • Microsoft: Ah, thank you very much.
      • /dev/null: Not at all. See you on Thursday.
      • Microsoft: Right.
      --
      "He is no fool who gives what he cannot keep in order to gain what he cannot lose."
  10. Quick Fix? by JonTurner · · Score: 1, Funny

    >blocking port 135 on a firewall is a better option.

    I can't help but wonder how many brainwashed MSCE's will "solve" the problem by setting up a firewall running Win2K.

  11. Re:Borg icon by JonTurner · · Score: 4, Funny

    I find it interesting that the "Windows" topic has finally been used. This is the first time I can remember seeing it

    Me too. However, since we're discussing a Windows security hole, shouldn't one of the glass panes be broken?

  12. Re:No surprise by dsplat · · Score: 4, Funny
    Considering that this is a security vulnerability that they are talking about, Microsoft needs to look at what they committed to their customers in that timeline and better get a fix out ASAP!


    Didn't you read the EULA? It specifically said, "This product is supplied without any warrantee for any use whatsoever. Even as a high tech coaster in an oversized box. If the media is damaged, we will replace it with undamaged media, which we also don't guarantee has any usable software on it, within 90 days of the purchase date. Do not use in the presence of electric current. If cough persists, discontinue use."
    --
    The net will not be what we demand, but what we make it. Build it well.
  13. Re:Thanks MS, steal DCE's port and make it insecur by Anonymous Coward · · Score: 1, Funny

    There goes Unix, being more efficient than Windows again!

  14. Re:No surprise by Frymaster · · Score: 4, Funny
    After the Win9x series, I'd say it's Microsoft's worst product.

    oh, you are so forgetting microsoft bob.

    --

    2 1337 4 u!

  15. Re:Borg icon by phillymjs · · Score: 2, Funny

    Close, but here's what they'd really do:

    -Announce a 'strategic partnership' with the Plexiglas people
    -Send their own team of glaziers to study Plexiglas
    -Suddenly announce that they are changing strategic direction and dissolve the partnership
    -Six months later, Microsoft ClearPane, which looks remarkably like Plexiglas, is shipped. :-)

    ~Philly