Slashdot Mirror
Security Firm VUPEN Claims To Have Hacked Windows 8 and IE10
An anonymous reader writes "Windows 8 was released late last week, and already this week French security firm VUPEN says it has broken Microsoft's latest and greatest security features. The company claims it has developed a 0-day exploit for Windows 8 and IE10, by chaining multiple undisclosed flaws together."
I thought that little used operating systems were less vulnerable because fewer hackers would target them compared to popular, mass market operating systems such as Linux and MacOS.
I should use this sig to advertise my book ISBN-13 : 978-1501515132.
Its a pretty common quote, basically its about the unloved and unwanted Vista
http://www.microsoft.com/en-us/news/exec/steve/2008/10-12AdDay.aspx
"STEVE BALLMER: Vista is our best selling product ever. So, if that takes too much getting over -- we're not going to have products that are much more successful than Vista has been. We sold over 180 million copies in the first 18 months, quite successful."
On the bright side, your typical hacker won’t be able to figure this one out either: Windows 8 raises the security bar even higher than before, and if it was easy, someone would have beaten VUPEN to it long ago.
And who thinks that other hackers won't figure this out?
More precisely, who says the other hackers would disclose it if they found such vulnerabilities? There's plenty of profit to be earned in vulnerabilities in the black market.
I wonder if their hack could be used on Windows RT to gain low-level access to the system, allowing one to essentially jailbreak the thing and let one side-load apps on it. I'm not planning to buy a Windows RT - tablet and one of the reasons is exactly the fact that I am only allowed to install stuff from Windows Store; a fully-working jailbreak would atleast make the thing slightly more useful.
Why buy a closed device, when open devices like Googles Chromebook which is available cheaper and isn't locked. Excusing manufacturers for their abuse behaviour...and giving them money, never persuaded, and manufacturer to be more open.
Really? How? Because even Microsoft's own website doesn't say that. You can only side-load things if you have a proper license for that, meaning that you need to be a large company with a contract with Microsoft.
I tried that. But it did not hack the computer I was trying to hack. And now my computer is not working either.
1. They bought Windows 8. 2. They Installed Windows 8. 3. They connected Windows 8 to the internet. 4. They surfed goatse with IE10.
Windows RT is going to be hell its hard to find actuate reliable information about anything. From wikipedia http://en.wikipedia.org/wiki/Windows_RT it claims.
"Perhaps the biggest change is that Windows RT will only run applications that have been included in Microsoft's App store. This requires certification by Microsoft that they consider the application to be suitable."
and obviously
"Users will not have an option to disable UEFI secure boot on Windows RT systems. As a result, only operating systems that have been signed for secure boot by their developers can be installed"
Is what it must be like for malware authors when Microsoft releases a new OS.
"If any question why we died, Tell them because our fathers lied."
To back up what I just said: http://msdn.microsoft.com/en-us/library/windows/hardware/hh825613.aspx
[August 2012] Sideloading apps on Windows 8
Sideloading is supported on the following editions when you activate a sideloading product key:
Windows 8 Pro
Windows 8 Enterprise*
* The sideloading product key is not required with Windows 8 Enterprise when the computer is joined to an active directory domain.
noteNote
Sideloading is also supported on Windows RT. The group policy service is not enabled by default on Windows RT. You must enable the service before policies can be applied to the computer.
To sideload line-of-business apps on Windows Server 2012, the computer must be joined to an active directory domain.
For more information, see How to Add and Remove Apps.
In other words a side-loading key is needed. Ordinary users won't get that and won't be able to side-load.
It's sad to see that MS has dominated the market for so long that exploits seem accetable and it's insightful to claim this. Software should be well-written before you start charging for it. Period.
OpenBSD has only had 2 remote security holes in several dozen releases, in over 15 years. Why is it acceptable that something you pay for has had thousands more every release?
I'm sorry to disagree with you. Clearly you have an issue with Google. It is untrue that they sell your information. Their business model does not allow that. The whole point is they will *never* sell your information...they sell targeted AD space. They are advertisers just like Apple and Microsoft.
On the point of privacy. Clearly you have not installed Windows 8. Its defaults are appalling, and your being insincere in implying Microsoft is better.
The bottom line though is I personally would like a device where I can choose to install whatever OS. The reason being I personally quite like the look of the oversized trackpad on Chomebook , and the ability to install Debien, and it beong Good Value, all three features lacking on windows rt devices.
Well, it's more than 01, less than 11, and still only a 2-bit binary integer.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Exchanging your control of the device for having every piece of information scanned, categorized, and resold by Google would be reason enough for someone to buy a Win RT tablet.
So Microsoft has stated they will guarantee full privacy of your info that is stored in SkyDrive?
If your going to pull the "grass isn't always greener" argument, then Microsoft still loses, as their device is more expensive, will everything else (their treatment of your data) the same.
Actually, getting a sideloading key is dead easy. You have to run Powershell as Admin, then type Show-WindowsDeveloperLicenseRegistration (or just "show-wi" and hit Tab). Enter Windows Live credentials - anything, including a throw-away account created for the purpose, will work - and boom, you are unlocked for sideloading. Works on Windows 8 (Pro, Enterprise, or otherwise) and on Windows RT (tested it on a Surface).
http://msdn.microsoft.com/en-us/library/windows/apps/Hh974578.aspx
I don't know what's up with that old data that says you can't. That's been bouncing around for almost a year, and as far as I can tell it was *never* true, even on pre-release versions. You've been able to unlock Win8 for sideloading since the first preview builds came out! It's as though there's two completely different teams talking about this. Well, three (the one that says *only* Store apps are allowed) but the last one is the marketing team trying to keep the n00bs from getting confused; they are safely ignorable. Fortunately, the team that supports the more open approach is the one that is correct.
There's no place I could be, since I've found Serenity...
Yes, you can go through a ridiculously complex process to install a key that will expire and Microsoft can revoke so that you can run some software on your system. It's more akin to Apple's extreme restrictions on side loading than Android's 3rd party sources checkbox. The only difference is that Microsoft isn't charging you $99 to get one. You're still at Microsoft's mercy, and no one can use your application unless they too are capable of repeating the steps.
I don't know why people keep defending this. It's designed explicitly to inhibit people from using it and bypassing the store.
Exchanging your control of the device for having every piece of information scanned, categorized, and resold by Google would be reason enough for someone to buy a Win RT tablet
Well, gee, it's lucky Google doesn't scan, categorize and resell very piece of information on your device then, isn't it? FUD much?
Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
If the only thing that sucks about WinRT is that it's "closed", then I'll take one.
Windows RT (WinRT is the new API, Windows RT is the new OS) is not "closed", it is closed, and that's not the only thing that sucks about it.
"The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
Well - that was the main complaint about Linux.
And now -using windows- it is suddenly a no-brainer?
Wow... just wow!
With Microsoft you have worse privacy than with Google. They collect at least the same amount of information, and because everything is closed you never know what else they transmit and collect.
It took me nearly a day to get a "Active Directory Users and Computers" icon on my Windows 8 Pro VM.
- First I have to download RSAT.
- It errors with random hex-code when run.
- Much googling (and no help in the MS KB) later, I find out it doesn't like being on a mapped shared drive (which is what VMWare uses for it's shared drive with the host).
- Copy to C:\, run it.
- It installs without error, but nothing happens after (nothing in Windows Features related to remote admin tools, no new icons).
- Much googling (and no help in the MS KB) later, it turns out I don't have the en_US language installed and it won't work without it (despite the computer being en_GB!) but will just die silently.
- Go to install language, get empty language lists.
- Think they must be on the CD, so point it at the original CD image. Nope. Nothing useful.
- Much googling (and no help in the MS KB) later, it turns out that because I'd disabled Windows Search, it totally stops the list of languages populating.
- Enabled Windows Search.
- Installed language.
- Still no joy.
- Much googling (and no help in the MS KB) later, it turns out that because I have disabled Automatic Updates, it won't actually download the language pack (or error, or tell you that, or anything).
- Re-enabled, got the language pack (150Mb!)
- Reinstalled the MSU
- Finally get "Users and Computers".
It doesn't shock me that in that mess of code there might be a security feature or two that's lax. I mean, seriously? Half the things had no error code or even message to say they weren't going to work or why and those that did provided zero useful information.
- You can't install an MSU from a network-mapped drive (even if it appears as a mapped drive Z:!)
- You can't install RSAT with only en_GB enabled.
- You can't even see the languages available without Windows Search enabled (WTF?)
- You can't install a language without Automatic Updates enabled (Again, WTF?)
- You have to know all this to get Users & Computers working (which, if I remember rightly, is installed by default on most "Pro" versions of Windows or at worst was an Add/Remove Windows Feature kind of deal from the initial install disk).
I'm not surprised, with that amount of cross-interaction between COMPLETELY unrelated components, complete lack of user feedback, and random interactions, that there's a few security problems cropping up.
And that's not even the worst experience I've had with a clean Windows 8 VM image from an official Windows 8 ISO with a proper Windows 8 Pro Product Key. I actually managed to BSOD the VM within hours of install, not by even doing anything remotely interesting.
Alright, throwing away mod points but you are completely dead wrong. You clearly do not understand how sideloading works in Windows 8.
Per Microsoft, sideloading is installing an app without the Store. With Windows 8 you have to have two things in order to sideload an app:
1. You need either the fully packed installer (which you cannot apparently save on your computer and can only download through the Windows Store app proper; going to the Windows Store page in a web browser doesn't give you any options to install or download) OR you need the unpackaged app including its .MAIN file.
2. You need the product key for the specific app.
Both of these things you will only have if you are the original developer of the app or if the original developer deigned to share it with you. They won't, since that essentially gives you their source code and ability to steal their product from them.
To make things even worse, you need these items in order to "provision" an app (MS' term) prior to running Sysprep on an image.
Basically, unless its a Line of Business (LOB) app that was developed internally by your company, you cannot sideload or provision an app in Windows 8.
It's hilarious, since we are using Windows 8 for a project for Microsoft and their own OS is stopping the things they want from happening. In my opinion, they listened to marketing guys who don't fully understand how people actually use Windows in a business environment so that they could get accurate data for individual usage. Everything they have done is 100% anti-business. The Windows Store is only fit for home consumer use, and even then...
The real clincher to me that Microsoft is losing its mind and trying to piss off their Enterprise customers is that as an IT admin you are incapable of managing the Windows Store outside of disabling access to it. Any updates that need to be done, have to be done by the user. You have to have a Windows Live account for it, logged in, and you can't fix license sync issues with the apps except through a manual process.
Windows 8 is just a disaster for business.
You don't know much about VUPEN -- they are expletive deleted low-lifes of the first order. VUPEN used their existing 0-day exploits from older versions of Windows -- and they don't tell the manufacturers about the exploits -- they only sell them for big bucks to government intell. agencies, etc.
If low-lives can find these zero days how come MS with their massive profits and massive install base can't find them first and fix them?
Maybe because fixing Windows is like polishing a turd.