Windows Vista still Rife with Insecure Code
osxpetition writes "As noted in a News.com article, Symantec researchers have been testing the latest Microsoft Windows Vista build (Beta 2), and have found that the code is 'complete with new corner cases and defects' in the networking component. Symantec describes how Microsoft scrapped the old networking stack code from Windows XP in favour of newer, rewritten code. 'Microsoft has removed a large body of tried and tested code and replaced it with freshly written code.' Since January 2002, Microsoft has put a stronger emphasis on protecting PCs by attempting to implement stable, secure code into Windows XP and their new operating system. This latest report from Symantec brings attention to Microsoft's trustworthy computing campaign, and shows how it will be a long way before it is ready for the mainstream."
Because IT's much easier to fix a square wheel than a round one!
----
Go canucks, habs, and sens!
Since you didn't provide any useful context to your question, allow me. From here:
Shatter attacks are a configuration error, not an OS issue. They are roughly similar to running xterm as root on Unix and then complaining that users can execute root commands.
But apparently Vista has entirely removed the idea of an "interactive service", so they won't work. Info here: http://blogs.msdn.com/larryosterman/archive/2005/09/14/466175.aspx
Whenever I hear the word 'Innovation', I reach for my pistol.
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
I had never heard of such a thing before (actually, initially I thought you were just punning on Windows + 'shattering', har har).
It would seem that Vista allegedly fixes the design flaw that allows for the attack, by not running system services in the same session as the user. At least, that seems to be what the Wikipedia article on the topic is suggesting.
The key to shatter attacks is that Windows allows processes running in the same session to pass messages between each other, the result of which is that via code injection, any process can escalate up to the level of the highest process also running in its session. MS is quoted in the article as saying "[This is not] a flaw in Windows. In reality, the flaw lies in the specific, highly privileged service. By design, all services within the interactive desktop are peers, and can levy requests upon each other. As a result, all services in the interactive desktop effectively have privileges commensurate with the most highly privileged service there." (Which is amusingly doublespeak-ish; they're saying "this isn't a design flaw, we designed it that way!")
This blog post by a member of the IE7 team would confirm that they've at least tried to address this in Vista (but of course that's what you'd expect them to say). It says: "User Interface Privilege Isolation (UIPI) blocks lower-integrity from accessing higher-integrity processes. For example, a lower-integrity process cannot send window messages or hook or attach to higher priority processes. This helps protect against "shatter attacks." A shatter attack is when one process tries to elevate privileges by injecting code into another process using windows messages."
Yet another nice legacy "feature" from the single-user-OS days.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
The stuff in the taskbar usually runs under your account; the problem is that the Network DDE service always runs as system and owns a transparent window on the desktop that can be passed arbitrary params by any other app on the same desktop - such as that nifty little hack you wrote...
Global warming is a cube.
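The comments above describe the risky combination as a service that runs as SYSTEM while owning a window on the user's desktop. The following read-only audit for that configuration is an added example, not code from the thread or from Microsoft; the function names are hypothetical, and treating an absent `NoInteractiveServices` value as "allowed" is an assumption.

```powershell
# Added example: list services configured to interact with the desktop.
# Read-only. Uses Win32_Service (CIM) and one registry value.

function Get-InteractiveServicePolicy {
    # A non-zero NoInteractiveServices value tells the Service Control Manager
    # not to start any service as an interactive service.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Windows'
    $val = (Get-ItemProperty -Path $key -Name NoInteractiveServices `
                -ErrorAction SilentlyContinue).NoInteractiveServices
    [pscustomobject]@{
        NoInteractiveServices = $val
        # Assumption: a missing value is treated the same as 0 (allowed).
        InteractiveAllowed    = ($null -eq $val) -or ($val -eq 0)
    }
}

function Get-InteractiveService {
    # DesktopInteract reflects the "Allow service to interact with desktop"
    # setting (SERVICE_INTERACTIVE_PROCESS in the service type).
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { $_.DesktopInteract } |
        ForEach-Object {
            [pscustomobject]@{
                Name         = $_.Name
                Account      = $_.StartName
                RunsAsSystem = ($_.StartName -eq 'LocalSystem')
                State        = $_.State
                StartMode    = $_.StartMode
                PathName     = $_.PathName
            }
        }
}

$policy   = Get-InteractiveServicePolicy
$services = @(Get-InteractiveService)

$policy | Format-List
if ($services.Count -eq 0) {
    'No services are configured to interact with the desktop.'
} else {
    # Running + interactive + SYSTEM is the case to review first.
    $services | Sort-Object State, Name | Format-Table -AutoSize -Wrap
}
```

Any service this reports is a candidate for moving its user interface into a separate process that runs in the user's own context.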
- Improved graphics (more complete icon set, fancier installation and login graphics, nicer titlebar look on non-3D capable systems)
- More stability in general (some blue screen bugs I've reported have gone away with later versions)
- More gadgets in the sidebar
- A bit faster for file copies, file searches work a lot better -- file searching wasn't working at all at one point
So... I'm still skeptical of their early 2007 predicted time frame, but it's definitely been getting more polished over the months.
Ah, so a wikipedia article proves that it's a design flaw in Windows?
In that case, I'm going to post a wikipedia article stating that you're a midget. It's gonna be tough living out the rest of your life as a little person.
"Design flaw" suggests that they didn't consider this scenario. This is false. They absolutely did consider this scenario and decided it was still a good decision due to the performance implications. The developer documentation clearly warns against displaying high-priv GUI on a low-priv desktop.
You would be very hard pressed to find a major/popular application available today that makes this attack possible. It wasn't that common to begin with, and after Microsoft's warnings, it's virtually non-existent.
Microsoft has put a significant amount of work into creating USER/GDI messaging passing barriers between the new Vista integrity levels. This feature is called UIPI and mostly works in the betas.
BTW, almost no Microsoft written applications are still vulnerable to shatter attacks on XP. This is mostly an issue that still hits ISVs because they don't understand the problem.
another supporting opinion on this subject: http://www.joelonsoftware.com/articles/fog0000000069.html
------ hi mom
The fact that it's on Wikipedia does not automatically mean it is false or quackery. Don't be so quick to write off Wikipedia on every subject - if in doubt, check the sources. Much, if not most, of Wikipedia's content is actually quite good. Just be willing to check the cited works in the footnotes, or verify against other, more authoritative sources. For a free up-to-the-minute encyclopedia, one cannot get anything much better than Wikipedia. Its greatest strength (anyone can edit) may be its greatest flaw, but at the same time its greatest flaw is its greatest strength. If you spot an error, you can correct it on the spot.
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
FTA: Symantec researchers put the networking technology in Vista under a magnifying glass to determine its exposure to external attacks. The team said it found several flaws in build 5270 of Vista and even more in earlier test versions. However, these were all fixed by Microsoft in build 5384, the version of the operating system that was publicly released in May as Beta 2.
For those too lazy to read the article, all it really says is: We found a few issues in early releases of Vista. They've already all been fixed by Beta 2, but we are guessing there are probably more.
"reality has a well-known liberal bias" - Stephen Colbert
The network stack wasn't re-written post-beta, it was one of the most significant changes in Longhorn next to the new driver model.