Newly-Found Windows Bug Affects All Versions Since NT

← Back to Stories (view on slashdot.org)

Newly-Found Windows Bug Affects All Versions Since NT

Posted by Soulskill on Wednesday January 20, 2010 @03:17AM from the staying-power dept.

garg0yle writes "A researcher has found a security bug that could allow privilege escalation in Windows. Nothing new there, right? Well, this affects the Virtual DOS Machine, found in every 32-bit version of Windows all the way back to Windows NT. That's 17 years worth of Windows and counting. 'Using code written for the VDM, an unprivileged user can inject code of his choosing directly into the system's kernel, making it possible to make changes to highly sensitive parts of the operating system. ... The vulnerability exists in all 32-bit versions of Microsoft OSes released since 1993, and proof-of-concept code works on the XP, Server 2003, Vista, Server 2008, and 7 versions of Windows, Ormandy reported.'"

24 of 393 comments (clear)

Min score:

Reason:

Sort:

Cue "Windows Sucks" comments in 5, 4, 3, 2, 1 by Anonymous Coward · 2010-01-20 03:19 · Score: 2, Funny

Cue "Windows Sucks" comments in 5, 4, 3, 2, 1....
1. Re:Cue "Windows Sucks" comments in 5, 4, 3, 2, 1 by yakumo.unr · 2010-01-20 03:28 · Score: 2, Funny
  
  cue hahaha I switched to 64bit the moment I could in....er, now.
2. Re:Cue "Windows Sucks" comments in 5, 4, 3, 2, 1 by jbezorg · 2010-01-20 03:29 · Score: 4, Funny
  
  Cue the "cue the" comments in 3, 2, 1, 0, -1, -2, -3....
  
  --
  I've lost all my marbles except one & It's fun to test angular & centripetal acceleration in my skull
3. Re:Cue "Windows Sucks" comments in 5, 4, 3, 2, 1 by Anonymous Coward · 2010-01-20 03:37 · Score: 2, Funny
  
  Windows Sucks. But then you obviously knew that already.
4. Re:Cue "Windows Sucks" comments in 5, 4, 3, 2, 1 by darkpixel2k · 2010-01-20 04:17 · Score: 2, Funny
  
  Cue the "cue the" comments in 3, 2, 1, 0, -1, -2, -3....
  -1? Looks like you just found a bug that's been in Microsoft's Meta Countdown tool. This one goes all the way back to Windows 2.0.
  
  --
  There's no place like ::1 (I've completed my transition to IPv6)
5. Re:Cue "Windows Sucks" comments in 5, 4, 3, 2, 1 by neoform · 2010-01-20 05:23 · Score: 2, Funny
  
  You just managed to make a recursive comment...
  
  --
  MABASPLOOM!
6. Re:Cue "Windows Sucks" comments in 5, 4, 3, 2, 1 by IorDMUX · 2010-01-20 06:00 · Score: 2, Funny
  
  I'm only 16 bits, you insensitive clod!
  
  --
  >> Standing on head makes smile of frown, but rest of face also upside down.
7. Re:Cue "Windows Sucks" comments in 5, 4, 3, 2, 1 by bami · 2010-01-20 07:30 · Score: 5, Funny
  
  More like cue the comments in 3, 2, 5 days, 3 hours, 23 minutes, 8 minutes, 2 hours 15 minutes, 15 seconds, 'Any moment now', 2 years.
Free time. by Anonymous Coward · 2010-01-20 03:30 · Score: 1, Funny

This bug was discovered by Tavis Ormandy.

Tavis, you need a girlfriend.
1. Re:Free time. by taviso · 2010-01-20 03:36 · Score: 5, Funny
  
  Applications Welcome ;-)
  
  --
  ex$$
2. Re:Free time. by JustOK · 2010-01-20 03:59 · Score: 4, Funny
  
  There's an app for that?
  
  --
  rewriting history since 2109
64 Bit by ZeroSerenity · 2010-01-20 03:31 · Score: 1, Funny

Yet another reason people need to abandon 32-bit OSs. Seriously. What's the point of using half the power of your CPU?

--
For those who seek perfection there can be no rest on this side of the grave.
1. Re:64 Bit by Anonymous Coward · 2010-01-20 03:40 · Score: 1, Funny
  
  Oh, damn! I thought I was saving electricity by using a 32 bit OS.
"OSs released since 1993" by Dystopian+Rebel · 2010-01-20 03:47 · Score: 3, Funny

Slashdot makes me sick. It's just not fair to go digging 14 years prior to the date when Microsoft finally starting taking security seriously.

--
Rich And Stupid is not so bad as Working For Rich And Stupid.
Re:I was RIGHT ! by Anonymous Coward · 2010-01-20 03:49 · Score: 1, Funny

Don't just dump IE. Dump MicroSLOP completely !
I don't know about you, but I don't want all those unemployed former MS-programmers to get down to Linux.
I'm helping to keep the Linux codebase clean and pragmatic by running Windows once in a while and giving a false sense of userdemand.
But seriously though, I have seen alot of "opensource windows clones", they all look like clowns to me in usability and aesthetics.
WOWEXEC is still in use? by filesiteguy · 2010-01-20 03:50 · Score: 2, Funny

Actually, I was just messing around. I'm kind of suprised it took someone this long to find a vulnerability in wowexec. I'm sure MS is not even thinking much about this, yet pretty much any program can have the possiblity of a buffer overrun or some sort of registry memory shift.

I found it funny that the Google ad displayed next to the article was for Microsoft forefront touting the security features.

http://www.perfectreign.com/stuff/2010/forefront.jpg

--
The Kai's Semi-Updated Website Thingy
Re:Backward compatibility by sacrilicious · 2010-01-20 03:51 · Score: 2, Funny

Yeah, people hate it when their applications continue to crash after buying a new computer.
There, fixed that for ya. :)

--
- First they ignore you, then they laugh at you, then ???, then profit.
Re:How do we know it's not already in use? by John+Hasler · 2010-01-20 04:09 · Score: 2, Funny

True. For home users you just pop up a window saying "Click here to install keylogger".

--
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
I told you! by Yvan256 · 2010-01-20 04:21 · Score: 3, Funny

Windows 98SE rules!
Re:How do we know it's not already in use? by Anonymous Coward · 2010-01-20 04:46 · Score: 1, Funny

This shows one of Linux's biggest weaknesses, no support for legacy exploits.
Re:How do we know it's not already in use? by welsh+git · 2010-01-20 05:31 · Score: 2, Funny

Ahhh, Gcc doesn't like the smiley face at the end of line 20

--
Sig out of date
Re:How do we know it's not already in use? by H0p313ss · 2010-01-20 05:55 · Score: 2, Funny

Windows users are in the dark and fucked.
You make that sound like a bad thing.

--
XML is a known as a key material required to create SMD: Software of Mass Destruction
Re:Only 32-bit Windows builds? by The+Wild+Norseman · 2010-01-20 05:57 · Score: 4, Funny

Oh, fuck me for not even reading the summary properly. :p
Nice try, dude. If that really worked, we'd all be getting laid like rock stars.

--
"A government is a body of people usually -- notably -- ungoverned." -Shepherd Book
Re:How do we know it's not already in use? by Obfuscant · 2010-01-20 07:01 · Score: 2, Funny

Presumably one has to have local access, since to provide input to the NVidia driver one needs a display server running locally and provide bogus input to it.
Since it was a display driver, all you had to do to exploit it was be able to see the screen.