Slashdot Mirror


Microsoft's Urgent Patch Precedes Black Hat Session

Julie188 writes "Mystery solved! Microsoft's latest emergency out-of-band patch was weird beyond belief. A notice was sent to journalists and researchers late Friday evening that the patch was coming Tuesday, but Microsoft refused to explain the flaw and even put a cone of silence around researchers who would have otherwise talked about it. But finally, one researcher broke ranks and explained that the patch was caused by a flaw introduced in Microsoft's own development tools. This flaw was also the source of the emergency ActiveX patch, which took about 18 months to complete and which supposedly fixed the problem by turning off ActiveX (setting a 'killbit' on the control). Researchers at Black Hat on Wednesday will be demonstrating how to override the killbit controls and get access to vulnerabilities supposedly stopped with a killbit. What's really scary is that Microsoft has issued 175 killbit fixes so far."
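The summary leans on the kill bit mechanism without saying what it is on disk. A kill bit is bit 0x400 of the "Compatibility Flags" DWORD stored under a control's CLSID beneath HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility; Internet Explorer refuses to instantiate a control whose key carries that bit. The script below is an added example, not something from the Slashdot post or from Microsoft: it inventories which CLSIDs on a Windows host carry a kill bit and lets you ask whether a particular CLSID is covered. The registry path and the 0x400 flag value are real; the function names (Get-KillBitInventory, Test-KillBit) and the WOW6432Node mirror path check are assumptions of this example. It only reads the registry.

```powershell
# Added example (not from the post): inventory ActiveX kill bits on this host. Read-only.
# Run from an elevated PowerShell prompt. The WOW6432Node path is where 32-bit kill bits
# live on 64-bit Windows (assumption of this example; absent on 32-bit hosts, so it is skipped).

$KillBitFlag = 0x400
$CompatPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
) | Where-Object { Test-Path $_ }

function Get-KillBitInventory {
    # Hypothetical helper name. Returns one object per CLSID that has a Compatibility Flags value.
    foreach ($base in $CompatPaths) {
        Get-ChildItem -Path $base -ErrorAction SilentlyContinue | ForEach-Object {
            $clsid = $_.PSChildName
            $flags = (Get-ItemProperty -Path $_.PSPath -Name 'Compatibility Flags' `
                      -ErrorAction SilentlyContinue).'Compatibility Flags'
            if ($null -eq $flags) { return }
            # Friendly name from HKCR\CLSID, if the control is still registered on this machine.
            $name = (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid" `
                     -ErrorAction SilentlyContinue).'(default)'
            [pscustomobject]@{
                Hive    = if ($base -like '*WOW6432Node*') { '32-bit' } else { 'native' }
                CLSID   = $clsid
                Name    = if ($name) { $name } else { '<not registered here>' }
                Flags   = ('0x{0:X8}' -f [int]$flags)
                KillBit = (([int]$flags -band $KillBitFlag) -ne 0)
            }
        }
    }
}

function Test-KillBit {
    # Hypothetical helper name. $true when every compat hive present on the host kills this CLSID.
    param([Parameter(Mandatory)][string]$Clsid)
    $hits = Get-KillBitInventory | Where-Object { $_.CLSID -eq $Clsid }
    if (-not $hits) { return $false }
    return -not ($hits | Where-Object { -not $_.KillBit })
}

$inventory = Get-KillBitInventory
$killed    = $inventory | Where-Object KillBit
$killed | Sort-Object Hive, CLSID | Format-Table Hive, CLSID, KillBit, Name -AutoSize
'{0} compat entries, {1} with the kill bit set, {2} of those still registered in HKCR' -f `
    @($inventory).Count, @($killed).Count,
    @($killed | Where-Object { $_.Name -ne '<not registered here>' }).Count

# Example query for one control (placeholder GUID, not a real CLSID):
# Test-KillBit -Clsid '{00000000-0000-0000-0000-000000000000}'
```

The last column is the useful one for a defender: a killed CLSID that is still registered in HKCR means the vulnerable binary remains on disk and is only being blocked by the flag, which is exactly the situation the summary's Black Hat talk is about.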

3 of 232 comments

  1. Cone of Silence? by eldavojohn · Score: 5, Funny

    Microsoft refused to explain the flaw and even put a cone of silence around researchers

    Those suck. My dog had to wear one of them for a week. Didn't shut him up but it sure stopped him from licking what used to be his balls.

    --
    My work here is dung.
  2. Re:The real mystery by mcgrew · Score: 4, Funny

    I've always been baffled by Microsoft marketing's insistence that ActiveX is pronounced "active" with the "X" silent. I've never met anyone who didn't pronounce the technology "Active-X".

    Considering all the exploits it's made possible, I call it hActive-X.

  3. Re:It's the commonality. by hairyfeet · Score: 4, Funny

    As a Windows repairman, I'll let you in on a little secret: You wanna know why Windows gets exploited and Linux don't? You really wanna know why? The answer is simple: PEBKAC, that's why. Linux guys just aren't gonna run email spam attachments, Hot_Lesbos.mp3.sh, or any of the other truly fucking dumb things Windows users will do. Since I believe in good storytelling examples, I'll tell you a true story. Meet Velma.

    This is little Velma, who works at an insurance company. Say hi, Velma (Hi Y'all!). Isn't she sweet? Everybody just loves little Velma. But here in the Windows repair biz we have a name for little Velma, and it is....dum dum dum....The Disaster Area! Because you see, little Velma has a BFF Kim, who is what we in the Windows repair biz call a "click whore" in that she will click on ANYTHING. Spam attachments, dubious screensaver programs, adware, you name it, Kim will click it. And Velma trusts her BFF Kim, because they go on vacation together and anything bad from Kim must be a trick, because Kim wouldn't do that. So let's see an actual interaction between the gruff but lovable local repairman hairyfeet and Velma, shall we?

    /feet/ Velma, that is a password-protected email attachment. That is a virus, do NOT open and run that! /Velma/ Ohh...you worry too much. It is from my BFF Kim, see her name on there? And it says it is happy puppy pictures. Who doesn't like puppies? /feet/ Velma, it is telling you to turn off the AV before running, and the file is happy_pup.jpg.exe. Do NOT turn off the AV and run that or you will bone the machine! It is a bug! /Velma/ Ohhh you....go drink some decaf. My BFF Kim would never do that to me.../turns off AV, runs program. Porn popups start spewing and network crashes/ /Velma/....Oops.....but it must be a trick! My BFF Kim wouldn't do that! /feet/..........

    And there you have it, an actual infection of an actual Windows user. Could MSFT have done anything to stop it? Short of giving Velma a thin client with no install capability, no. And don't worry, Linux guys! If you manage to lure Velma and all her PEBKAC friends to your OS, I'm sure your friends at the Russian Business Network and their friends in China and Nigeria will be cooking up "Happy_pup.jpg.sh" with nice, easy-to-follow instructions so Velma and her friends can turn Linux into a virus-laden whore, just like Windows! Won't that be nice?

    --
    ACs don't waste your time replying, your posts are never seen by me.