Slashdot Mirror


Microsoft Finally To Patch 17-Year-Old Bug

eldavojohn writes "Microsoft is due for a very large patch this month, in which five critical holes (that render Windows hijackable by an intruder) are due to be fixed, in addition to twenty other problems. The biggest change addresses a 17-year-old bug dating back to the days of DOS, discovered in January by their BFF Google. The patch should roll out February 9th."

6 of 251 comments

  1. Nothing quite like a "timely" response by msobkow · · Score: 5, Interesting

    How in the world can a bug exist for 17 years when they've released so many versions of Windows in that time? Hasn't the kernel been revamped three times? (Win98/ME, WinNT/Win2K/WinXP, Vista/7)

    --
    I do not fail; I succeed at finding out what does not work.
    1. Re:Nothing quite like a "timely" response by hairyfeet · · Score: 4, Interesting

      Yes and thank Jebus for backwards compatibility! Or do you actually want all your stuff broken? Converting my customers away from XP to Windows 7 so far I have had exactly ONE app be a PITA, and that was the evil Quickbooks, those that bought Intel no VM chips and couldn't run XP Mode simply went out and bought Quickbooks 09 and all was good in the universe again.

      Linux doesn't have to worry about backwards compatibility because users are paying $0 for their software. Imagine if you paid $400 for Photoshop for Linux, but next year it was worthless because the latest kernel wouldn't run it? Wouldn't be very happy then, would you? I am personally VERY happy for backwards compatibility, as nearly all the software I have going back many years all "just works" even though I made the jump from IA32 to X64, first with XP X64 and later Windows 7 HP X64. So while others may laugh at backwards compatibility it makes this old PC repairman VERY HAPPY that I don't have to deal with users on Win98 or WinME (shudders at the flashbacks) because some "must have" apps won't run. Yay backwards compatibility!

      --
      ACs don't waste your time replying, your posts are never seen by me.
    2. Re:Nothing quite like a "timely" response by symbolset · · Score: 5, Interesting

      Windows 7 is very much still built on the NT codebase.

      You lie! Longhorn (Vista, Server 2008) was built from the ground up. Microsoft told me so!

      They wouldn't lie to me. <sniff>

      --
      Help stamp out iliturcy.
    3. Re:Nothing quite like a "timely" response by symbolset · · Score: 5, Interesting

      I've known about this bug for many years - it's one of a few that date back to my college days when I had a scholarly interest in such things. Back then I used to haunt the dark corners of the Internet where these things were good for a laugh. Now they're good for a quarter million dollars because GO's haunt the dark corners now and they pay good money, and only now are ones like this coming out in common knowledge. You may be sure that if you're a high value target you've been exploited this whole time and that's why your competitors mysteriously beat you to market, or how knockoffs appeared more suddenly after your innovation than reverse engineering would allow.

      What's absurd is that there are hundreds more just in the core OS. Go to apps and WMP doesn't have a streaming format that doesn't have pwnership, and let's not even talk about IE. Then there's all the forgotten formats and services, each with its vestigial exploits that still work. And then there's Office. Good Lord, as if providing multiple Turing machine capable development environments were not enough, every app includes embeds for hundreds of formats that can hose any machine that opens a document, and for each of those there's a Microsoft-only undocumented interface that's truly trusted to be exploited, because that's how they roll. And one of those apps is an email client - think about that for a bit.

      Each fix only adds to the problem. Even if the patch doesn't add new exploits (most do) most people don't patch, and half of the few who do patch slowly to avoid incompatibilities. In the meantime the patch gives clues to the amateurs on which features to exploit. For 90% of systems you only need to pwn it once and leave some obvious malware and the idiot running it will clean it and think it's all good. So the smart black hat builds a database of servers running Windows he can get at from his previously Pwned boxes (yes, some of them are probably inside your firewall and most but not all of them are clients) and crafts a package to pwn the rest of your network and if necessary leave some cleanable traces. The truly nefarious black hats exploit the patching system itself - of course it has exploits and hidden hooks too.

      Each rewrite leads to new problems. In 2008 how the hell do you write a server OS that hangs on a bad packet on the file sharing service? That's not what Bill promised us in 2002. In six years they couldn't even get that right? That's your clue that they're not even trying or at least they're not able. At the very least they're struggling just to copy a file as if that were a new requirement.

      You would think with the billions they have to throw away on XBox and Pink, from Bing to Zune, Microsoft could afford to hire a few Pakistani code geeks to haunt the dark corners and report what they find written on the wall there. They're getting rid of their profits but they're not doing it well. You would think code security audits would extend to the historical catalog of code, but no... that group has enough to do just vetting this month's patches, let alone the output of the dev teams. I imagine the rest of them are building Bing interfaces into Yahoo's services as if they had a hope in hell of getting us to use Bing. For sure they're not throwing a ton of quality code geeks into saving their butt on WiMo 7. Fixing bugs widely known in the Underground that consumers like you don't know about? That's a 0 priority task.

      Windows shops: not only are we laughing at you - we always have and we always will. You poor bastards.

      --
      Help stamp out iliturcy.
  2. Re:oldest bug evar... and other leet speechisms by Ralish · · Score: 4, Interesting

    Not even close: The 25-Year-Old BSD Bug.

  3. You joke, but I think he'd like to by Adrian+Lopez · · Score: 4, Interesting

    "We are not the streamlined, small, hyper-efficient kernel I envisioned 15 years ago. Our kernel is huge and bloated. Whenever we add a new feature, it only gets worse." -- Linus Torvalds, September 2009.

    --
    "In prison you just have to shut your eyes and take it. Here you have to shut your eyes and give it."