Slashdot Mirror
Microsoft to Issue Emergency Patch For File-Sharing Hole
An anonymous reader writes "Microsoft said late Wednesday that it plans to release a critical security update today to plug a security hole present in all supported versions of Windows. The company hasn't released any details about the patch yet, which is expected to be pushed out at 1 p.m. PT. Normally, Redmond issues security updates on Patch Tuesday, the second Tuesday of each month. The Washington Post's Security Fix blog notes that each of the three times in the past that Microsoft has departed from its patch cycle, it was to fix some really nasty vulnerability that criminals already were exploiting to break into Windows PCs."
Reader filenavigator points out an article which describes the hole as an SMB vulnerability, and says it "allows anyone to access a Windows machine remotely without any user name or password. Any machine that exposes Windows file sharing is vulnerable." Update: 10/23 17:42 GMT by T : Reader AngryDad adds a link to Microsoft's more detailed memo.
It was probably the shared Samba experience that gave them the idea on how to fix the bug.
I don't understand how the bug works, but I know one has been around. You can find hack tools for script kiddies out there that will exploit this automagically for people. I have even used it in the past to get some files from a computer that no one knew the password to and the key to the server room was broken off in the lock making physical access imposible until a locksmith was available.
Thankfully, the old tech (who broke the lock on his way out after resetting everyone's password) kept all the passwords in scripts that I could recover and use to change passwords to something usable. The owner of the company wanted me to testify in court to the old Techs actions and even offered me a permanent contract, I told him all I wanted was a check, I don't want anything to do with a company that pissed their old tech off that bad after 5 years of service.
You know that a vulnerability is bad when Microsoft goes out of its regular patching cycle to hurry and plug the hole so quickly, instead of following their usual philosophy of saying "What are you talking about? There is no security hole in Windows!" and quietly patching it a few months later amidst a flood of inocuous driver updates.
it really aggravates me when people say that AD=LDAP. LDAP is the protocol used to access AD, and then beyond that there is the actual Active Directory system, which is way fucking more than just an LDAP server.
I agree. LDAP is a protocol; AD is an LDAP-capable directory. A very weak, vendor-locked, OS-version-specific, poorly performing directory that in many ways compensates for corresponding weaknesses in the Windows OS, so that together AD and Windows add up to a reasonably usable system, almost as capable as a standards-compliant system.
If that sounds like a troll or flamebait it's certainly not meant to be. It's just an honest appraisal - I've worked with directories since the late 80s, and AD is not a particularly good example of a directory since it is so specialized for dealing with MS-windows problems that other platforms don't necessarily have (they have completely other problems, of course).
I have around 600 systems running from OpenLDAP these days. Most of these are windows desktops that think they are talking to AD, but I've also got HP-UX, Solaris, 3 flavors of linux, a single mac, and we used to have AIX too. All running from a single, massively replicated OpenLDAP directory that requires far less maintenance and hardware than AD does.
So yes, you're quite right. AD is much more than an LDAP server. It's an enterprise directory, and may someday evolve into a good one... it's still a young product and has a lot of catching up to do before it can compete with eDirectory.