Slashdot Mirror


New Windows Kernel Vulnerability Bypasses UAC

xsee writes "A new vulnerability in the Windows kernel was disclosed Wednesday that could allow malware to attain administrative privileges by bypassing User Account Control (UAC). Combined with the unpatched Internet Explorer vulnerability in the wild this could be a very bad omen for Windows users."

3 of 303 comments (clear)

  1. Vulnerabilities are VERY profitable for Microsoft. by Futurepower(R) · · Score: 4, Interesting

    "I'm hard pressed to decide if Microsoft is unwilling, or just unable, to ever fix it."

    Microsoft top managers achieve vulnerabilities by not allowing Microsoft programmers to finish their work, apparently. Since Microsoft has a virtual monopoly on operating systems installed on computers you can buy, the vulnerabilities make Microsoft more money because the average person cannot fix an infected computer and buys a new computer with another copy of Windows. See the New York Times article: Corrupted PC's Find New Home in the Dumpster.

    The solution is to make computers with Linux already installed available. Unfortunately configuration of Linux is quirky and poorly documented, slowing adoption.

    Another solution is to use anti-trust law to make Windows more fair for buyers. Should users of Windows Vista pay for an entirely new version of Windows, when Vista was troublesome and a court case showed that Vista was knowingly released before it was ready? There are only small differences between Windows Vista and Windows 7. Why should users pay for an entirely new copy of Windows?

    It is my opinion that the present practices of selling something almost everyone with a computer must have are unfair and against the common welfare. Microsoft lost an anti-trust case, but there was never any penalty.

  2. Re:Bad omen? by Gadget_Guy · · Score: 4, Interesting

    Nothing you said there has ANYTHING to do with Microsoft not caring about "clueless home users". I called you on that comment and you just changed the subject.

    You say Microsoft misread the importance of the Internet. Absolutely, although it was 15 years ago! But what has that got to do with them not caring about home users?

    You claim Windows can't be used safely on an untrusted network? That is false, the current version ships with the firewall turned on and most of the useless network services turned off. Gone are the days when you would be infected within 15 minutes of connecting to the Internet with a vanilla install.

    Despite what you say, you don't have to install a third party firewall and run third party anti-malware software. My original post to you linked to the free Microsoft supplied anti-malware software. Why did you just ignore that? All the reports that I have seen about it have been quite positive.

    And I still don't see any evidence of Microsoft ignoring the plight of clueless home users.

  3. Re:Bad omen? by LO0G · · Score: 4, Interesting

    Normally I don't feed the trolls, but...

    Every measurement I've seen indicates that malware authors are profit driven. The reason they find exploits is to drive revenue (in the past this wasn't the case, but for the past 10 or so years it is). Let's take this as a given (if you can find evidence that malware authors aren't profit driven, we can reconsider this, but I suspect you won't).

    Finding an exploit costs money - you need to spend your time to find it or you need to pay someone to find it. Either way, you're out cash money - that's an expense for the malware author.

    Assuming that the malware author has a limited budget for exploits (which is likely to be true), the malware author is going to want to maximize their return on investment.

    Further, let's assume that the cost of finding an exploit is the same on all platforms (that's not true btw - Charlie Miller has said that it's far easier to find exploits on OS X than it is on Windows, but let's just assume that the cost is the same).

    If I pay $10000 for a Windows exploit (the amoun of the pwn2own prize), I can target 90% of the computer users out there. If I pay for an OSX exploit, I can target about 6% of the computer users out there, and if I pay for a Linux exploit, I can target about 4% of the users out there (the market share numbers are roughly accurate, but obviously vary by country - for instance OSX has about a 10% share in the US but only 4% worldwide).

    So how does the malware author maximize the return on their investment? Obviously they want to chose the one that gets them the most victims for their money. And that choice is Windows - 90% vs 6% vs 4% means that for a given amount of effort, the OS with 90% market share will always return a higher ROI than the OS with 6% or 4%.

    The only thing that will change this dynamic is if either the cost for exploits for OSX and Linux goes dramatically down OR if the market share for OSX and Linux dramatically increases.

    All software has bugs. Anyone who works in software engineering knows that. It doesn't matter what operating system you're running, they all have bugs. And some percentage of those bugs will result in an EoP. It doesn't matter what operating system - every OS I've known has had EoP bugs in them.

    As long as an operating system can run arbitrary applications (in other words, it's not locked down like iOS is), the very nature that allows you to run arbitrary programs allows you to exploit EoP vulnerabilities in the OS.