Microsoft Fixes Critical Remotely Exploitable Windows Root-Level Design Bug

An anonymous reader writes "In this month's Patch Tuesday, Microsoft has released nine security bulletins to address 56 unique vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, and Microsoft Server software. Of the nine security bulletins, three are rated Critical in severity, and among these three is one that addresses a years-old design flaw that can be exploited remotely to grant attackers administrator-level privileges to the targeted machine or device. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." Reader jones_supa writes, though, that the most recent patch rollout came with a bug of its own, since corrected: the company apparently botched a rollup update for Visual Studio 2010 Tools for Office Runtime: "There is an issue with KB3001652: many users are reporting that it is locking up their machines while trying to install it. It does not seem that this patch is doing any other damage though, such as bricking the operating system. These days Microsoft appears to be reacting quickly to this kind of news as it looks like the patch has already been pulled from Windows Update."

VS2010 patch locks up OS?

[jfbilodeau]

Why would a patch for an IDE lock up an OS?

Is Microsoft able in any way to create products that are not intractably entrenched in their OS?

Re:The most insecure OS in the world

[sinij]

Please, the most insecure OS in the world is Linux (Damn Vulnerable Linux)

Re:oh you motherf~}NO_CARRIER

[ihtoit]

whoa, 0.01% of 800 million (a very conservative estimate of the installed base) is still 80,000. That's a number far greater than 0 and most definitely of concern if you're one of those 80,000.

The XP Killer?

[bill_mcgonigle]

We've been waiting for that vulnerability that will finally create such havoc on XP that people will abandon it.

The security bulletin is vague, as usual, but it does say:

A remote code execution vulnerability exists in how Group Policy receives and applies policy data when a domain-joined system connects to a domain controller. To exploit this vulnerability, an attacker would have to convince a victim with a domain-configured system to connect to an attacker-controlled network.

An attacker who successfully exploited this vulnerability could take complete control of an affected system and then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by improving how domain-configured systems connect to domain controllers prior to Group Policy accepting configuration data. ...

Although Windows Server 2003 is an affected product, Microsoft is not issuing an update for it because the comprehensive architectural changes required would jeopardize system stability and cause application compatibility problems. Microsoft recommends that security-conscious customers upgrade to a later operating system in order to keep pace with the changing security threat landscape and benefit from the more robust protections that later operating systems provide.

Which would seem to put the XP/2003 lineage one malware download away from connecting to a botnet that spoke just enough Domain protocol to exploit it and being pwned.

NSA could have such an exploit ready next week, Russian mafia in a month. The Prize is controlling close to 19% of the installed base.

Re:The most insecure OS in the world

[Archangel+Michael]

True. But Adobe already creates exploits for all the other OSes in the world, so they don't need to actually create an unsecured OS.

Re:The most insecure OS in the world

Its all about attack surface bro.

Those windows SMB servers you likely firewalled away from the internet, zero exposed (inbound) services. They're only used to provide services to systems on the local network. Maybe you have SMTP exposed for inbound mail. (Today, though, running your own exchange server(s) for anything smaller than an enterprise is for suckers. Much cheaper to purchase hosted exchange service, and you don't have to deal with your IP blocks being blackholed)

Those linux servers, on the other hand, were probably internet facing. Providing services anyone on the wild wild interwebs could hammer. If you put those windows servers in the same situation you'd see them pwnd too.

Re:The most insecure OS in the world

[westlake]

Windows - the most insecure OS in the world. There are probably more viruses, malware and ransonware than actual apps.

I doubt it.

Download.com alone hosts over 51,000 Windows apps. Search Results for all Windows, Sourceforge, 16,000, 2,200 certified Fresh.

Amazon.com 22,000 for retail sale. PC Software

You could make a very strong case for Android being the most insecure, incompetently planned and managed OS in the wild.

Google's position is complicated, because it has produced a platform that it has no power to update. There's no Windows Update for Android phones, and Google has no ability to push out updates to the operating system; it has to depend on a range of OEMs and network operators to adopt its source code changes and distribute them to users. Both Apple and Microsoft, in contrast, have a direct channel to update their mobile operating systems.

Google won't fix bug affecting 60 percent of Android users