Slashdot Mirror
Ten Security Bulletins From Microsoft
wschalle writes "Microsoft has released 10 "new" security bulletins, including one pertaining to a vulnerability in the Windows Shell, apparently exploitable via the web. The shell vulnerability only allows code execution as the user viewing the malicious web site. Aren't you glad your shell is web-enabled? The recent GDI+ vulnerability is re-released here as well as a vulnerability in zip compression handling."
It's nice to know that they have made security such a high priority. Hopefully their next high priority will be 'doing something about it'.
This is my sig. There are many like it but this one is mine.
Just in case anyone is wondering, SP2 is not affected by any of these vulnerabilities, except for MS04-038. That's the fix for the "drag-and-drop" vulnerability that everyone's been crowing about.
There are a number of user-friendly configuration tools for iptables. FireStarter is the first one that comes to mind, though there are others.
The newest version of XP is the safest and most secure version yet. Try counting how many of those bulletins have to do with SP2.
People like myself that use LiteStep for a shell under Win32 don't have to deal with the memory overhead of a web-enabled shell, or these web-based exploits.
It's pretty cool and it's open source and stable (unlike Windows sometimes) and has a decent-size user base, eventhough most of the themes are pretty worthless. (Then again, for any themable program, aren't the bulk of the themes crap?)
Anyhow, people that are stuck using Windows like I am (Lycoris' Tablet PC version of Linux is next to featureless) should give it a try, if nothing else but as a preventative measure against future bugs like this.
Cmd.exe is the command line shell. The Windows shell is explorer.exe (which now has IE built in, or something like, as of Windows 98 you can surf the web from the "My Computer" Icon). Explorer has been the Windows shell since Windows 95. Before Windows 95 it used to be progman.exe (the Program Manager).
Why not? GCC has had it since 2001.
Karma: Segmentation fault (tried to dereference a null post)
It doesn't eliminate all cases, of course, but the /GS compiler flag for Visual C++ does eliminate many of them. In essence, it checks if the return address has been trashed, and throws an exception if it has. Your app still crashes, but that's probably better than being 0wn3d.
Yes, it is possible to circumvent, and there are of course other kinds of attacks/bugs which this doesn't help with. Nor is it a substitute for actually fixing those buffer overflow problems. However, all that said, it's still a good extra level of defense that does improve the security of the system and apps by substantially mitigating a large class of potential bugs.
How many times do I have to tell the computer that Firefox is my default browser?
Once, if Firefox is registered as the default browser correctly. My machine gets it right, why doesn't yours?
With SP2, XP has been annoyingly telling me I may not be protected (I run without anti-virus but am locked down regardless and still scan regularly- with no virus or reinstall in 2 years).
Two options:
1) Update your AV software to a version that tells the security center when it is up to date.
2) Select the "I will manage my AV software myself" option, and the security center won't bug you about any AV related details.
In today's update, it keeps nagging me to reboot.
Your computer is still vulnerable until you reboot the machine. What's the point of applying the patch if the updated files don't get loaded?
And why do I have to sign yet another goddamned EULA to install critical patches?
For the same reason every company requires you to sign a EULA before installing/updating software. If you want a detailed reason, ask the lawyers.
1. Security in depth. Multilayered security = A Good Thing. ...and they're not on port 80...!
2. True, there shouldn't be ports we don't know about on user's PC's, but how about when they pop one open without knowing? They can't download or receive numerous file types & their peripherals are disabled, but users will be users. I've seen programs installed that install telnet or tftp servers. A decent personal firewall setup will alert the user *and* log that alert to a central console.
3. Mistakes happen. A nameless colleague quit-out halfway through creating a firewall rule. The default action is to create the rule regardless, so for 20 minutes a bunch of workstations were waaaay more accessible than they should be. Worms were spotted.
4. It's disastrous to think "We've got a firewall, ergo we're secure" (see above). Common example: User sits in internet cafe with laptop, some floppies, usb devices & cd rom. Effectively spreads legs & asks the world to infect him. Next day, brings laptop back & jacks into the LAN. My sturdy firewall is now worth jack. Personal firewalls all round, please.
5. And yes, I do filter ICMP. I'm sorry that you have to wait 60 seconds for your pings or whatever to fail, but I have to ask why were you scanning my LAN? You want me to turn on file&printer sharing too, so you can see what else is going on? It's my LAN, & within it I'll do whatever I can to keep it secure. Guess what - I run some web services....
As far I'm concerned there are valid reasons to run personal firewalls on the desktop.
Hand-in-hand with user education, security policies, patch management and effective anti-virus solutions they provide a robust & proven security benefit.
You're damn right I don't trust my computer. And I won't do until I control all access in and out, and it tells me when something tries to except those rules. Oh, wait! It does. It's my personal firewall.