Microsoft Fixes Critical Remotely Exploitable Windows Root-Level Design Bug
An anonymous reader writes "In this month's Patch Tuesday, Microsoft has released nine security bulletins to address 56 unique vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, and Microsoft Server software. Of the nine security bulletins, three are rated Critical in severity, and among these three is one that addresses a years-old design flaw that can be exploited remotely to grant attackers administrator-level privileges to the targeted machine or device. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."
Reader jones_supa writes, though, that the most recent patch rollout came with a bug of its own, since corrected: the company apparently botched a rollup update for Visual Studio 2010 Tools for Office Runtime: "There is an issue with KB3001652: many users are reporting that it is locking up their machines while trying to install it. It does not seem that this patch is doing any other damage though, such as bricking the operating system. These days Microsoft appears to be reacting quickly to this kind of news as it looks like the patch has already been pulled from Windows Update."
It might be an extremely rare issue. Following the links in the article, the last update they pulled in August of 2014 was pulled because it was causing blue screen errors for 0.01% of users, but they pulled it anyways.
The road to tyranny has always been paved with claims of necessity.
The article says the patch has already been updated and is safe to install.
It's not a patch for the IDE, it's for the runtime for programs built with that version of Visual Studio (there are such runtimes for all versions of VS). It sounds like the computer can freeze during patch installation.
One very important part of this latest vulnerability is that patching your systems is NOT ENOUGH. The patch is not so much a fix as an entirely new security functionality which must be configured properly.
It is required to configure a group policy to harden your systems. Any domain-joined system must have both the patch installed and a group policy set up to force the system to use secure authentication and validation mechanisms on any sensitive share. Domain shares such as NETLOGON and SYSVOL are an obvious priority, but any share used for software deployment or script execution must be similarly listed.
Make sure you read the KB article and take the proper steps to secure your systems:
https://support.microsoft.com/...
If he explores all forms and substances Straight homeward to their symbol-essences; He shall not die.
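An audit for the hardening step described in the comment above, as an added example that is not part of the thread or of Microsoft's KB article. It assumes the Hardened UNC Paths policy is stored under the registry key shown, with one value per UNC pattern and data of the form "RequireMutualAuthentication=1, RequireIntegrity=1"; that key, those option names, and the function name Test-HardenedPath do not appear on this page, so verify them against the KB article before relying on the result.

```powershell
# Added example: audit the "Hardened UNC Paths" policy on the local machine.
# Assumption: one registry value per UNC pattern under this key, e.g.
#   name "\\*\SYSVOL", data "RequireMutualAuthentication=1, RequireIntegrity=1"
$key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths'

# Shares the comment calls out; extend with your own deployment and script shares.
$requiredShares  = 'NETLOGON', 'SYSVOL'
$requiredOptions = 'RequireMutualAuthentication', 'RequireIntegrity'

function Test-HardenedPath {
    param([hashtable]$Policy, [string]$Share)

    # Match entries whose path ends in \<Share>, e.g. \\*\SYSVOL or \\dc01\SYSVOL.
    # Only the first matching entry is evaluated.
    $pattern = '\\' + [regex]::Escape($Share) + '$'
    $entry = $Policy.Keys | Where-Object { $_ -match $pattern } | Select-Object -First 1
    if (-not $entry) { return "MISSING  $Share : no hardened path entry" }

    # Parse "Opt=1, Opt=0" into a lookup table.
    $opts = @{}
    foreach ($pair in ($Policy[$entry] -split ',')) {
        $name, $value = $pair.Trim() -split '=', 2
        if ($name) { $opts[$name.Trim()] = "$value".Trim() }
    }

    # Any required option that is absent or not set to 1 counts as unenforced.
    $weak = $requiredOptions | Where-Object { $opts[$_] -ne '1' }
    if ($weak) { return "WEAK     $entry : not enforced -> $($weak -join ', ')" }
    return "OK       $entry : $($Policy[$entry])"
}

# Load the policy values. A missing key means the patch may be installed
# but nothing has been configured, which is the case the comment warns about.
$policy = @{}
if (Test-Path $key) {
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        $policy[$name] = [string]$item.GetValue($name)
    }
} else {
    Write-Output "Policy key not present: no UNC paths are hardened on this machine."
}

foreach ($share in $requiredShares) {
    Test-HardenedPath -Policy $policy -Share $share
}
```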
True, but only because Adobe never made an OS
A man's gotta know his limitations. And they do.
Funny story... Oracle (née Sun) makes an Operating System.
GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
It only affects domain-joined PCs. If you're running XP Home (can't join a domain to begin with), then it really doesn't affect you.
It's a basic downgrade attack - similar to how those TLS bugs were done. You force the client and/or server to revert to an older less secure authentication protocol and then use that to get your way in.
And most businesses have moved off XP.
I read this just SIX MINUTES after I installed the bloody office runtime update.
Microsoft already released a fixed version at least 12 hours before /. posted this story... and pulled the buggy version some hours (8?) before that.
In other words, by the time this story was posted, it was no longer relevant.
After some investigation it looks like the update may not have been configured to do a silent install properly and actually hangs as it is waiting for user input on an invisible dialogue box.
If you have a machine that does hang we have found the following:
1. wait until there is virtually no disk activity (counting on you having a light that shows you) and then power the machine down, or
2. use either PowerShell remoting or psexec to kill the two processes involved in the update: "Setup" and "vstor_redist".
With PowerShell: Invoke-Command -ComputerName hostname -ScriptBlock {Stop-Process -Name Setup,vstor_redist -Force}
With PSExec something like this will work:
Psexec \\hostname cmd
Taskkill /im Setup.exe /f
Taskkill /im vstor_redist.exe /f
Exit
If the machine is doing a number of updates killing the two processes above will allow the machine to continue with the rest of the updates.
Of course the standard disclaimers apply: No guarantees the above will help and not harm your computer, your mileage may vary, batteries not included, objects in code are buggier than they appear, yadda, yadda.