Actually, this particular attack cannot be mitigated by running as admin.
It attacks a genuine hole in the operating system and is not dependent on anyone even being logged on to the machine at all. It 'hijacks' the LSASS process, which runs in the SYSTEM context. The operating system could not run if LSASS wasn't running as SYSTEM.
Of course, the patch has been available for >2 weeks now, so all of this *should* be moot.
The patch had been out for 2 weeks before the exploit showed up.
ANYONE with ANY awareness has already realized that as soon as the patches come out the bad guys reverse engineer them and attack the flaws that were fixed.
If you didn't patch your boxes in the 2 week window you had, then yeah, you created more work for yourself.
Um, the president didn't pass the PATRIOT act. The congress did.
(Not to say that your question is totally without merit, but let's not forget who does what here.)
Better yet, decertify the results.
The state will be forced to hold another election, and you can bet your sweet ass they'd sue Diebold for reimbursement.
Hit 'em in the wallet.
Yes, companies are out to maximize profit.
However, in an efficient market, a product that does not perform as advertised won't sell. Therefore, maximizing profit and building a working product are not mutually exclusive goals.
My personal conclusion is that this is simply a project that Diebold has mismanaged into its own destruction. My take is that this is incompetence, not malice.
"I also use a network password here at school that Windows can't handle."
Um... there is absolutely no way for the login script to even KNOW your password. It just can't be done. So whatever problems you have on this system are certainly not due to the login script having problems with your password.
If you don't think that 24-hr recorders with GPS are the next step, you're not thinking.
The current crop of black boxes really isn't all that scary. But the slippery slope we're on (as others have pointed out) is VERY scary.
After we get 24 hour recording with GPS, the next step is... what? Remotely accessible by law enforcement? Perhaps video recording as well?
Scary scary scary.
Unfortunately, it appears that expertise in French law is lacking here at slashdot.
I second the suggestion above: contact eff. Now. If they can't help they probably can point you to organizations that can.
"One study by the First Consulting Group, a healthcare consultancy based in Long Beach, Calif., found that when the 300-bed St. Agnes Healthcare facility in Baltimore deployed the Vocera system, its nurses saved more than 1,100 hours a year, while the entire organization saved some 3,400 hours."
They only have three nurses?
There's an inherent problem there. Anything you can do to make your program read-only, an administrator can undo.
So if Joe User gets infected and is running as administrator, the virus can un-write-protect memory and keep going.
This is a classic offense vs. defense escalation and is the type of problem Rootkits pose as well.
Just to quote the relevant section:
Why is Microsoft re-issuing this bulletin
Subsequent to the release of this bulletin, it was determined that this vulnerability could also affect users who do not have the "Outlook Today" folder home page as their default home page in Outlook 2002. As a result, Microsoft has re-released this bulletin with a new severity rating of "critical" to reflect the expanded attack vector. The update released with the original version of this security bulletin is effective in protecting from the vulnerability and users who have applied the update or have installed Office XP Service Pack 3 do not need to take additional action.
http://www.microsoft.com/technet/security/bulletin/ms04-009.mspx
Read the revisions section
The problem for Echostar is that most of their customers have no idea that Viacom is at fault here; they're going to blame Echostar.
I'm sure glad I don't work for Echostar's PR department.
I'm curious: what are you basing that statement on? You're claiming that MS doesn't focus on the game developer, I'd like to know why you say that.
Granted, MSFT keeps the XDK under tight wraps, but it's no big secret that it's a very close relative of DirectX 7. And there's libraries of information on programming DX7 out there.
Well, part of the problem is that the Pentium chips don't have a "no execute" flag for memory pages.
Until the hardware supports the feature, it's useless.
Actually, there's been at least one month that MS has announced "we don't have any security updates for you this month."
Revenues != profits.
Profits = revenues - costs.
How do you think standards come to be?
One day there's no standard and then, POOF, there is?
Standards come into existence by the cooperation of many people deciding to do something together. Which is what's happening with SPF. SPF has been a proposed standard for a while now... AOL is the large adopter that's going to propel SPF to an accepted standard.
I'm so glad someone else mentioned this first!
Too many times Google gives me hits that are just meta-search pages with no information.
Google is far, far less useful than it used to be.
(Excuse me now... I think I'm going to be banished to /. hell.)
Amen, brother!
Censorship for everyone! Ashcroft, Ashcroft, rah rah rah!
Nothing that isn't white, Protestant, college educated, and politically correct should be on the Internet! We'll have none of those free thinkers here! Anyone who disagrees should be shipped off to Guantanamo!
In theory, this is true.
Ask Kevin Mitnick how well it works in practice.
...but releasing these images to the public is a public relations endeavor, not a scientific endeavor.
I just did.
Easy lookup at http://www.senate.gov.
Remind them that election time is just around the corner and you'll be considering his/her reaction to this issue when you hit the voting booth.
It's no skin off your nose, but you're not the admin for 1500 machines.
The admins of large scale deployments have asked Microsoft to make patches more predictable so they can do planning for patch deployment. Microsoft complied.
As others have stated, when a known vulnerability exists, or when sample code is publicly available, Microsoft will release the patch as soon as it's written.
If you developed a technology that's used around the world and is a near-ubiquitous format, wouldn't you license it?
MS would be insane not to charge royalties. The FAT filesystem, unlike many technology patents, is a "real" piece of intellectual property, just like compuserve's GIF file format and the LZW compression algorithm.
Of *course* they're going to license it! As a MSFT shareholder, I'd be rather upset if they DIDN'T license it!
Everyone here is so quick to bash MS... even when they make a good business decision.