Slashdot Mirror
Exploits Circulating for Latest Windows Holes
1sockchuck writes "Exploits are already circulating for at least two (and possibly four) of the Windows security holes addressed in Microsoft's updates on Tuesday. Several working exploits have been released for a new vulnerability in Windows Plug and Play technology, which could be used to spread a worm targeting Windows 2000 machines, according to eEye security, which has released a free scanner to help network admins identify vulnerable computers."
Perhaps this vulnerability was a 'Feature' to get people to migrate away from Windows 2000?
My UID is prime... is yours?
At least, Microsoft is maintaining great quality control.
I mean W2K has been around for about... uh, 5 years?
So isn't this just an old exploit that was just found?
See? Having 900,000,000,000 lines of code is a good thing.
This
Our website's registration forms require users to provide contact information (names and email addresses) and financial information (account or credit card numbers). Financial information that is collected is used to bill the user for products and services purchased and is only used internally by eEye. Contact information is used to confirm and ship orders, to contact the user when necessary, and to notify users when new products and services are available. Users may choose not to receive future mailings from eEye; see the Choice/Opt-Out section below. eEye Digital Security may occasionally share visitor contact information with official product resellers that adhere to a comparable privacy policy; visitor contact information is NEVER given to other third-party vendors that are not affiliated with eEye.
Why do they insist on my personal information if they aren't going to use it?
They have the ability to let me opt out of of mailing, why don't they provide an opt out for my information in the first place?
The exploits came out after the announcement and not before. It begs the question, do we need to give M$ credit for pushing the patch before the exploit became common knowledge? Compare this to Cisco who tried to squash recent publicizing of their vulnerability.
You got any karma man? I really neeed it. Just a little hit! Come on!
Is anyone but me getting sick of these companies releasing "free" tools that require you to register for their incessant spam, phone calls, and other marketing harassment in order to download? Yes, I understand that they spent money to develop the tool, but what if I want to scan my home network? MySQL isn't too bad, at least. They have the marketing signup, should you be interested, but provide a link to download without all the crap.
[Wanders off muttering about the good old days of gopher and archie]The recent article on the front page here (2 down at the moment), talks about vulnerabilities linked to MS05-038 being in the wild in mid July (actually quite a bit earlier, but we will give them the benefit of the doubt). There have been a number of minor exploits in existence for at least a month and a half with respect to some image handling capabilities through IE (also MS05-038).
Security-Protocols claimed to have discovered the vulnerability linked to MS05-041, and there were some minor claims that other people had been able to make it into exploits which weren't widespread.
I initially thought that the Plug and Play vulnerability was linked to a report on an overflow with respect to handling USB devices (which has also been reported), but it seems to be much worse.
I am fully aware of the reasons why companies EOL their software, but Microsoft's cessation of mainstream support for Win 2000 might be coming back to bite them, given that Win 2000 is just as vulnerable to these exploits as Win XP and 2003, if not more so.
InfoSec that matters, when it counts.
...Microsoft patched the holes BEFORE the exploits started circulating?
If that's the case, what's the problem?
"Ask not what your country can do for you." --John F. Kennedy
Microsoft with all its massive billions of dollars, charging in excess of $300 for a full, licesned version of Windows XP Proffessional... Cannot afford to write clean, bug free code?
As a programer myself I am often faced with the idea of completely re-writing my code, not just leaving the function sit, while being unused.
Compare to Apple's OS X (granted, the numbers argument about there is not a mass majority to spread a major virus even if it was to be discovered), why cant Microsoft decide to take shape, and start producing a REAL operating system that is built upon firm solid foundations of bug free (realitivly) code. They have admited in the past that they have pushed features ahead of security, and yet our major corporations still tout that microsoft is secure enough for there senstive finiancial information.
Give me a break will ya? I really just wish that microsoft would have a much more open beta, much more strict adherance to quality code, and less mouthpeices saying how great there stuff is.
"...eEye security, which has released a free scanner to help network admins identify vulnerable computers.
What, the Windows startup screen wasn't sufficient to identify vulnerable computers?
I still have people using 75Mhz machines with windows 95, and most of my users are running 2000. We don't need to or have the budget to upgrade everyone to a new box with XP on it just so they can use word/excel, and email each other porn.
If you need to test the machines on your network Nessus http://nessus.org/ has released plugins.
Having to work for a living is the root of all evil.
I think that you have to assume there will be bugs in the code. I am sure Apple has bugs. The real question, is: why are there so many listening ports on a Windows NT/2K/XP machine? Even one that has no files shared for users. What does it need them for? MS recommends running a firewall, which rather defeats the purpose of any listening ports, including such things as the administrative shares. In this case, we have some code that is supposed to detect new hardware apparently listening on the Ethernet port. Why? New hardware is going to fly down the network? Wow! MS should patent that now since it would put UPS and Fedex out of business. So, I don't think it is so much a bug as "what in $DEITY's name were they thinking when they designed this feature?"
The real "Libtards" are the Libertarians!
Once again: (original at http://slashdot.org/comments.pl?sid=71367&cid=645
10) find big remote vulnerability in product
20) perfect the exploit
30) have fun with it for months
40) find another big hole in same product
50) perfect exploit for hole
60) alert vendor about original hole
70) have fun with new hole
80) goto 40
First of all, Linux distros support every package on the system, not just the core files like MS update. That means perl, MySQL, apache, even the modules for apache. Everything. With that in mind, compare the Secunia security reports for Mandrake 10.0 and Windows XP Pro 10.0, which hit the market at about the same time. Have a look at the amount of unpatched vulnerabilities in both and see if you can still come to the same conclusions. Sheesh!
Working in a DevOps shop is like playing in a band made up entirely of keytarists.