Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Attack Code Found For Recent Windows Bug

Soulskill posted more than 4 years ago | from the oh-by-the-way dept.

Windows 184

CWmike writes "Just a day after downplaying the vulnerability that caused it to issue an out-of-cycle patch last week, Microsoft warned customers late yesterday that exploit code had gone public and was being used in additional attacks. 'We've identified the public availability of exploit code that now shows code execution for the vulnerability addressed by MS08-067,' said Mike Reavey, operations manager of Microsoft's Security Response Center, in a post to the MSRC blog. 'This exploit code has been shown to result in remote code execution on Windows Server 2003, Windows XP, and Windows 2000.'"

cancel ×

184 comments

Sorry! There are no comments related to the filter you selected.

Hmmm... (2, Funny)

Anonymous Coward | more than 4 years ago | (#25548311)

Lets see, perpetually vulnerable-to-script-kiddies Windows XP, or locks-up-every-5-seconds Ubuntu?

Re:Hmmm... (0)

kcbanner (929309) | more than 4 years ago | (#25548365)

By lock up do you mean the user interface? Because thats irrelevant in a server environment. If your gui is locking up it usually means you box is too slow and the more critical processes are getting the CPU time.

Re:Hmmm... (0, Insightful)

Anonymous Coward | more than 4 years ago | (#25548443)

There's always an excuse from the open source crowd. It's a bug in Windows, but it's always by design in an open source project.

Re:Hmmm... (0)

Anonymous Coward | more than 4 years ago | (#25548467)

Woooooooooooosh to the 2 of you!

Can't you see the guy is kidding for christ's sake?

Re:Hmmm... (3, Insightful)

Anonymous Coward | more than 4 years ago | (#25548691)

Seriously, Insightful?

Re:Hmmm... (0)

Anonymous Coward | more than 5 years ago | (#25550691)

Damn, I've been trying for years to figure out how that works. Let's see:
Seriously, funny?

Re:Hmmm... (0)

Anonymous Coward | more than 5 years ago | (#25550045)

No, it simply gets ignored if it's in Windows, at least the open source people actually pay attention to these types of things. And the GP is right, it usually means you need a better machine or need to pare down your services. Running Apache with 128 spare servers minimum might not be the best thing for your Pentium I 133MHz w/64meg RAM.

Re:Hmmm... (0)

Anonymous Coward | more than 4 years ago | (#25548475)

Who the fuck runs ubuntu on a server? Context man, context!

Re:Hmmm... (1, Interesting)

cheater512 (783349) | more than 4 years ago | (#25548597)

Wikipedia seems to think that its a good idea. :P

Re:Hmmm... (4, Funny)

daeg (828071) | more than 4 years ago | (#25548735)

Well, to be fair, their discussion took place on Wiki pages, so it was either Ubuntu 8.04 or HAHAHHAYOUSUCKCOCKS.

Re:Hmmm... (5, Funny)

Dogtanian (588974) | more than 4 years ago | (#25549085)

Well, to be fair, their discussion took place on Wiki pages, so it was either Ubuntu 8.04 or HAHAHHAYOUSUCKCOCKS.

Yeah, I can see that some 13 year old vandal might think that it was funny to replace "Red Hat Enterprise Linux 5.2" with something silly like, er... "Ubuntu 8.04" ;-)

BTW, HAHAHHAYOUSUCKCOCKS 2.06 is a fine server distro and I won't hear a word against it.

Re:Hmmm... (1)

notdotcom.com (1021409) | more than 5 years ago | (#25550073)

If I had mod points, I would mod this up... ...Especially because I'm running HAHAHHAYOUSUCKCOCKS 1.8 and need to upgrade.

Thanks for the reminder.

Re:Hmmm... (1)

ghostbar38 (982287) | more than 5 years ago | (#25549729)

Who wrote that page in Wikipedia. And of course only who uses may say that, that means: noobs.

Re:Hmmm... (4, Funny)

Anonymous Coward | more than 4 years ago | (#25548949)

Who the fuck runs windows on a server? Context man, context!

There, fixed it for you.

Re:Hmmm... (1)

FunkyRider (1128099) | more than 5 years ago | (#25549451)

I am, and that server is generating more than 100K dollars each day for the company!

Re:Hmmm... (1)

Meumeu (848638) | more than 5 years ago | (#25549453)

Because thats irrelevant in a server environment.

Ubuntu's main target is the desktop, not the server...

Re:Hmmm... (2, Informative)

rikkards (98006) | more than 5 years ago | (#25549843)

That plus the wireless network card drops randomly. The message in dmesg is that it can't find the AP so it assumes it is gone. Restarting the networking fixes it.

Re:Hmmm... (4, Insightful)

CrazedWalrus (901897) | more than 5 years ago | (#25550531)

But it does make a damn fine server. The software is reasonably up to date, the administration is dead-simple, and I'm already familiar with it from my desktops.

I've got other things to concentrate on besides server administration -- like coding my project management and billing system, or working for my clients so I have something to bill them for. Ubuntu makes that easy for me.

I've recently vetted Slackware, Debian (stable), and Ubuntu Server 7.04, and settled on the latter because it strikes the balance I need between stability and up to date software. You may legitimately disagree with my choice, but I have my reasons and I'm sure you have yours. Most Linuxes make great servers, so it's really choosing your favorite incarnation of "awesome."

Re:Hmmm... (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25551005)

What? You chose Ubuntu over Slackware and Debian, for a server?

Noobuntu has officially ruined Linux. Looks like it's about time I installed FreeBSD or OpenSolaris.

Re:Hmmm... (3, Funny)

darkpixel2k (623900) | more than 5 years ago | (#25551039)

You may legitimately disagree with my choice, but I have my reasons and I'm sure you have yours. Most Linuxes make great servers, so it's really choosing your favorite incarnation of "awesome."

Damnit! Stop doing that. Your job on Slashdot is to perpetuate the holy OS wars. If you start to lose an argument based in 'nuh uh, yeah huh' then immediately question the person's choice of vi verses emacs.

Never EVER admit that something may come down to personal preference unless you are willing to follow it up by blatantly trashing said person's personal preference by calling them 'dumb' or 'retarded'. Finally, if you are totally and completely losing the argument, link to final irrefutable proof: like this [goatse.cx]

Re:Hmmm... (2, Insightful)

Anonymous Coward | more than 4 years ago | (#25548665)

Locks up every 5 seconds? What do you mean? What kind of computer are you using? Have you submitted a bug report?

Re:Hmmm... (4, Insightful)

Venik (915777) | more than 4 years ago | (#25549231)

Why should anyone bother submitting a bug report? If it's a minor issue and I have a workaround - sure, I'll submit a bug report. But if a system is completely unusable with Ubuntu, I will better spend my time finding a working alternative. Having said that, as a Unix sysadmin I have nothing against Ubuntu, other than using it on a server is not the best idea: there are many far more stable alternatives. The problem with most Linux aficionados out there is that few of them worked in a real production environment of a big datacenter. These guys may know how to configure Apache and MySQL on their Ubuntu PC, but they don't see a difference between getting something to work and getting it to be fast and reliable under constant heavy load.

Re:Hmmm... (0)

Anonymous Coward | more than 5 years ago | (#25550639)

yeah, whatever fuck off you snob and go back to your data center.

Re:Hmmm... (2, Insightful)

DiegoBravo (324012) | more than 5 years ago | (#25550681)

I also worked as Unix sysadmin for several years (but no longer... I love to sleep all night long) and from my experience:

1) Most "big datacenters" have several key servers that are really unstable despite being Unix(tm), mostly because of evil combinations of HW/Applications/OS (patches and more patches from Oracle, NUMA configurations, etc)... as happens with any Linux.
2) Most servers in datacenters are 99% idle, except when silly programmers try to execute infinite pooling loops or that sort of things. There is a myth (now banishing) that you need a real Unix of >100K$ to do the real work; think of the price of Sun's.

So apart from their trash PC hardware, I believe those kids with LAMP systems do really know a bit on stability and heavy load (think of /.)

Re:Hmmm... (1)

Larryish (1215510) | more than 4 years ago | (#25548753)

ubuntu 7.10 is pretty stable these days, and 8.04 isn't giving much trouble either

Re:Hmmm... (0)

Anonymous Coward | more than 5 years ago | (#25550311)

What is stable for one person can be unstable for another.

Re:Hmmm... (1)

markkezner (1209776) | more than 5 years ago | (#25549969)

If you're having lock-ups that badly, you have a either a hardware problem or a driver problem. My guess is it's a restricted driver causing your issue.

Re:Hmmm... (0)

Anonymous Coward | more than 5 years ago | (#25550569)

locks up ubuntu?

my uptime is measured in months.
locked up?
gnome might have carshed.. a few times in a few years. but ctrl-alt-backspace did the trick

cant wait 7 seconds?

Re:Hmmm... (3, Interesting)

jimmyhat3939 (931746) | more than 5 years ago | (#25550591)

I've run Ubuntu on a Dell Inspiron 9400 laptop for over a year without a single lockup.

Now, I also run VirtualBox and Windows XP under that. *That* has locked up several times. So if that's what you mean, I agree.

Another out-of-cycle patch is coming, right? (1, Insightful)

Thundercross (1395865) | more than 4 years ago | (#25548377)

Time to set Windows to automatically reboot my computer without my permission.

Re:Another out-of-cycle patch is coming, right? (5, Informative)

TubeSteak (669689) | more than 4 years ago | (#25548543)

No, this is the same exploit we talked about before.
If you patched on the 23rd, you should be fine.

Re:Another out-of-cycle patch is coming, right? (2, Informative)

gparent (1242548) | more than 5 years ago | (#25549417)

So you mean giving it permission, right? Thought so.

Wait a tick (0, Troll)

moniker127 (1290002) | more than 4 years ago | (#25548401)

So... this horrible deadly plague of terror only affects the products that microsoft is trying desperately to grandfather?

Huh... Imagine that.

Hotpatching (5, Insightful)

nmb3000 (741169) | more than 4 years ago | (#25548441)

For those interested, there was a really cool hack [nynaeve.net] of hotpatching the files and services that are affected by this exploit. The Microsoft patch isn't designed to be hotpatched, instead requiring a reboot to replace the needed files. However, by using a binary diff and DLL injection you can apply the patch on the fly without rebooting.

I wish Microsoft would put more effort into making the official patches not require a reboot. Consumer operating systems are one thing, but rebooting Windows servers gets annoying really fast.

Re:Hotpatching (4, Insightful)

TubeSteak (669689) | more than 4 years ago | (#25548553)

However, by using a binary diff and DLL injection you can apply the patch on the fly without rebooting.

Is that something you would want to do on a production server?
And if you were MS, is that something you would want to support?

Re:Hotpatching (3, Interesting)

Dr Caleb (121505) | more than 4 years ago | (#25548633)

>And if you were MS, is that something you would want to support?

If you were MS, and wanted to brag about 5 Nines uptime, wouldn't you design the patch so you didn't have to reboot production servers once a month?

Glad I spent all weekend patching, now that the exploit has escaped.

Re:Hotpatching (4, Interesting)

vux984 (928602) | more than 4 years ago | (#25548771)

If you were MS, and wanted to brag about 5 Nines uptime, wouldn't you design the patch so you didn't have to reboot production servers once a month?

5 nines is ~5.3 minutes downtime per year

You don't acheive that with a single Linux box either, unless you simply aren't keeping it up to date, even if you manage to avoid 'rebooting it' you are still going to have serious trouble reliably preventing 'unavailability of services' from reaching 5.3 minutes over a year.

It takes either a mainframe or a cluster to reach 5 9's with any reliability. Windows doesn't run on a mainframe, and if you have cluster, a few scheduled reboots now and then don't result in any downtime, since you don't have to bring the entire cluster down.

So your argument really doesn't apply.

Re:Hotpatching (2, Interesting)

MostAwesomeDude (980382) | more than 4 years ago | (#25548847)

No, I've managed to have a single Linux box reach 99.999%. It's mostly a matter of not updating the kernel; everything else can be upgraded monthly with ~15 seconds downtime, for an average of ~3 minutes annually.

Re:Hotpatching (5, Insightful)

vux984 (928602) | more than 4 years ago | (#25549215)

No, I've managed to have a single Linux box reach 99.999%

"Managed to have"? You are talking about 5 9's as something that you can reach. People who demand 5 9's consider that the minimum they will accept. They don't want systems that can reach 5 9's they want systems guaranteed not to be less than 5 9's. That's a HUGE difference.

So if we sign an SLA, how certain should I be that you can deliver 5 9's? ... From one box? Not very.

That fact that you might 'manage it' simply isn't good enough. What happens when a piece of hardware fails? or if an update doesn't go smoothly? With a single box you have no contingency and 5 minutes to resolve any problems and perform any updates that might be needed for the entire year.

My point stands: anyone serious about delivering 5 9's simply isn't using a single box, because you simply can't depend on it. MAYBE you'll get 5 9's out of it, but getting 5 9's from a single box is like winning a prize from a scratch and win. Its not exactly a miracle, but its hardly something you can rely on.

Hell, even promising 4 9's from a single box is taking on some heavy risk. It's not hard to envision an unexpected hour of downtime on a box over the course of a year.

Re:Hotpatching (0)

Anonymous Coward | more than 5 years ago | (#25550099)

If you are talking about SLAs, you are going beyond operating systems. SLAs take into consideration your hardware, software, and external infrastructure.

Saying the software is no better or worse because the package as a whole is no better or worse is a pointless argument. The weakest link in that set is the infrastructure (depending on how the SLA defines it) followed by the hardware.

I have had personal BSD and Linux boxes that have run endlessly for more than a year, multiple times, and only rebooted due to 4+ hour power outages. My oldest hardware is 11 years old and has yet to fail me (knock on wood).

So at the end of the day, your OS should be a negligible factor in your SLA. In terms of availability, it shouldn't even come up in the discussion.

9 Nines (0)

Anonymous Coward | more than 5 years ago | (#25550931)

No, I've managed to have a single Linux box reach 99.999%

"Managed to have"? You are talking about 5 9's as something that you can reach. People who demand 5 9's consider that the minimum they will accept. They don't want systems that can reach 5 9's they want systems guaranteed not to be less than 5 9's. That's a HUGE difference.

I have 9 nines on my desktop and, here's the kicker, my laptop. I offer the same SLA to clients willing to pay for it. How do I manage it?
1) Don't buy crappy hardware, and stress the stuff you do buy before putting it into production.
2) Run a decent OS. Fanboys pick your fav.
3) Don't patch anything you don't need to. Port 139 is vulnerable but you don't need it? Just block it.

Adhere to the terms of the SLA. This is key, define the SLA to support 99.9999999% such that reboots are not included. Ta dah!

It's all quite simple really.

Re:Hotpatching (1)

mlts (1038732) | more than 5 years ago | (#25551015)

If someone is promising a high quality SLA, they almost never will be using one box for their offerings. They will be using two or more machines connected via redundant disk controllers to a common SAN or disk array, and all the boxes will be connected to each other via heartbeat monitors.

The good thing, both VMWare and Hyper-V in Windows Server 2008 help make this task a bit easier, by allowing for a virtual machine to be hosted on a cluster, so if the primary machine fails, the others can take over without missing a step.

For five nines, everything needs to be redundant, from different sets of wires coming in the building so a backhoe doesn't cut everything in one swipe, to multiple power trunks connecting to a machine's redundant power supplies (no "Y" cables), so on and so forth. Some IBM machines even use 2-3 CPUs executing the same task at a time so if one of them glitches on a calculation, the machine can be failed down and a backup take over. A lot of companies even have different hot spare locations, where they mirror their disk I/O over dedicated fiber channel over IP connections.

Uptime is all about planning. You can get lucky... but Murphy rules the roost here, and you don't want to have a signed agreement saying you have 5 nines, then some drunk causes the agreement to be violated because he got into your data center and mashed the Big Red Button, EPO-ing not just your machines, but your business.

Re:Hotpatching (4, Funny)

caluml (551744) | more than 5 years ago | (#25549647)

My current longest uptime:

$ uptime ; uname -r
00:49:19 up 1222 days, 14:09, 1 user, load average: 0.00, 0.00, 0.00
2.6.11-hardened-r14

Yeah, it doesn't actually do much. Just lets me win willy-waving matches.

Re:Hotpatching (1)

stim (732091) | more than 5 years ago | (#25549855)

And an impressive willy i might add.

Re:Hotpatching (0)

Anonymous Coward | more than 5 years ago | (#25550029)

Oh yeah? Well, uh, nyah.

$ uptime ; uname -r
00:40:23 up 1222 days, 14:10, 1 user, load average: 0.00, 0.00, 0.00
2.6.11-hardened-r14

Re:Hotpatching (1)

andreyvul (1176115) | more than 5 years ago | (#25550151)

AC Linux uptime pissing match is now over.

Re:Hotpatching (5, Funny)

sleeponthemic (1253494) | more than 5 years ago | (#25550485)

Oh yeah? Well, uh, nyah.

$ uptime ; uname -r 00:40:23 up 1222 days, 14:10, 1 user, load average: 0.00, 0.00, 0.00 2.6.11-hardened-r14

You made that post 51 minutes after he did.

So close, but forever in his shadow :-)

If you rely on a single system for 5 9s (1, Insightful)

Sycraft-fu (314770) | more than 5 years ago | (#25549259)

You are an idiot. 5 9s gives you just 5 minutes per year of downtime. You think if something fails in a system, you can get it back up in 5 minutes? Hell no. You want reliability like that, you do it with redundant systems. Well, in that case the individual units can certainly go down. Perfectly valid strategy. You patch them whenever you feel like, making sure that only one is down at a time and that it comes back up to full operational status before you do the next one.

A single system, well you are just rolling the dice. Sure I've seen single systems go for over a year, no crashes, no hardware faults. I've also seen plenty that have gone down. When a problem does occur, it isn't something that gets fixed in 5 minutes, or even usually in an hour (4 9s requires no more than 53 minutes down).

In addition to that you also have to keep the idea of planned and unplanned outages separate. While in some cases, no outage is acceptable and thus the system needs to designed to never be down, often an outage is fine, so long as it's planned. So you can take a system down every week and still have a perfect rating because you had no unplanned outages. The system was only down at specified times. That works just fine for non-critical systems in many cases.

However if it is critical, and if it really can't ever be out at all, ever, which is more or less what 5 9s implies, then you need to have redundancy, and have it at every level. You can't have any single points of failure because the chances that you get that point fixed in time is very slim.

So no reboot on patch isn't useful for that, because in a system with that high an availability, well it has to be redundant anyhow. More important that the patch applies properly and works (which is why you do the reboot, to eliminate potential conflicts) than that you can do it on a running system. After all, you take one part down for a couple minutes as you patch and verify, that's great your uptime is unaffected. You instead apply a hot patch to all systems, which then causes them all to crash an hour later, you are screwed because you are down.

Re:If you rely on a single system for 5 9s (0)

Anonymous Coward | more than 5 years ago | (#25549771)

Your argument makes absolutely no sense; it's not the difference between patch-one-and-test and hotpatch-all-and-pray, it's the difference between patch-one-and-test and hotpatch-one-and-test. The latter eliminates the need for the reboot; how significant that is varies, but it isn't nothing, and that's the additional amount of time you've got n-1 redundancy instead of n redundancy.

Re:Hotpatching (1)

Chirs (87576) | more than 4 years ago | (#25548941)

Actually, yes. The company I work for has spent a fair amount of resources to enable safe patching of running binaries. When you're aiming for 99.999% uptime and better, rebooting to apply a patch is suboptimal.

Re:Hotpatching (1)

ozphx (1061292) | more than 5 years ago | (#25550131)

Your company sucks.

If taking a single node down is going to unacceptably increase your risk, then you are in the realms of "trying for 5 nines", and not "guaranteeing 5 nines".

The risk of corrupting process state is going to be a hell of a lot worse than a reboot, and the cost another node is going to be less than a "fair amount of resources".

Re:Hotpatching (3, Informative)

DamnStupidElf (649844) | more than 5 years ago | (#25549797)

Come on, it's dead simple and it's safe. Just install a page fault handler and mark all the pages of the DLL as being unavailable, examine the current thread state of all processes and mark them if they are currently executing in the unavaiable pages, and if so simply return success from the page fault handler until the thread leaves the locked region (essentially single step through the DLL until it finally returns to the caller). If a thread was not originally executing in the protected pages and enters it, just stall it. Once all threads are stalled or not accessing the locked pages, patch the DLL and mark the pages available and uninstall the page fault handler.

What could possibly go wrong? Only if the data structures that the DLL uses internally are modified will this be difficult, in which case the patched DLL will just have to convert its own data during the patch time. If changes to user data structures are required, then the patched DLL would have to burn some space in each new data structure to identify it as a patched version and treat it appropriately, while detecting the old data structures reliably. That might be a little harder than the general case, but not impossible.

Is getting 0wned something you would want to happen on a production server that can't have downtime?

Re:Hotpatching (2, Informative)

cheater512 (783349) | more than 4 years ago | (#25548629)

Just switch to Linux servers instead.
The ability to not require rebooting for years comes as standard. :)

Downtime due to upgrades is limited to how fast you can restart the app.
You can swap the files while its still running, then just restart it.

Re:Hotpatching (1)

thatskinnyguy (1129515) | more than 4 years ago | (#25548793)

Me: Did you shut down the server?
Other Tech: Nope. I thought you did it. Now I can't get to the internet.
Me: Son of a bitch... Automatic Updates again... it needs a power-off and then cold start to work.
*15 minutes later*
Me: Where the hell are the backup tapes?
Other Tech: I have no fucking clue. What the hell did you do?
Me: I learned to never trust automatic updates. That said, I have a resume` to refresh.
Other Tech: But nothing is working still.
Me: Your problem now.
*2 minutes later*
Me: I can't even log on! The fucking AD server is down!

Re:Hotpatching (1)

Darkness404 (1287218) | more than 5 years ago | (#25550023)

What would be smart for Windows to do is to not randomly reboot. For example, I was asked to run a PowerPoint presentation at a funeral. No problems there, except the laptop was running Vista, midway through the presentation the computer showed "Logging Off" and the computer rebooted. Naturally, there wasn't anything I could do about it, I rebooted the thing and it ran mostly smoothly the rest of the way, but seriously MS, by default don't reboot I don't care if its a patch that if not applied it can turn your computer into a script kiddy's toy, I care that my computer doesn't randomly shut down (but then again, I run Linux :))

Re:Hotpatching (2, Insightful)

tlhIngan (30335) | more than 5 years ago | (#25550797)

What would be smart for Windows to do is to not randomly reboot. For example, I was asked to run a PowerPoint presentation at a funeral. No problems there, except the laptop was running Vista, midway through the presentation the computer showed "Logging Off" and the computer rebooted. Naturally, there wasn't anything I could do about it, I rebooted the thing and it ran mostly smoothly the rest of the way, but seriously MS, by default don't reboot I don't care if its a patch that if not applied it can turn your computer into a script kiddy's toy, I care that my computer doesn't randomly shut down (but then again, I run Linux :))

Upgrade your software. Seriously, if you're a business, you shouldn't be using Home versions of the software.

The HOME versions of XP and Vista (XP Home, Vista Home Basic, Vista Home Premium) do this automatically. Supposedly there's a way around it with some registry hacking, but I've never bothered. You get around 5 minutes from when the dialog pops up to hit the "Reboot later" button, which just silences it for another 5 minutes.

Windows XP Pro, Vista Business, Vista Enterprise, and Vista Ultimate pop up a dialog asking you to reboot, but they won't force the nasty cannot-save-force-quits-everything reboot. Considering what you get, the only reason to use the Home versions for work is if work is too cheap to get you a laptop and you use your own. The price difference between Home Premium and Business isn't that much, and will be made up in not having your computer reboot unexpectedly on you.

Re:Hotpatching (1)

mlts (1038732) | more than 5 years ago | (#25550819)

Actually, in production critical environments, they go through a staging process where they try a patch on a test box or two, then put the patch (even if its an out of band emergency fix) on a WSUS server that the production boxes update from.

This is very important. I've seen 0.01 revisions for firmware for a hardware issue which are just relatively small fixes to install make terabytes of data inaccessible until the machine was backed off and restored... and a production machine being down for 7 hours usually means that a sysadmin is going to be fired.

A small business with an Exchange server, SMB server, and a SQL box as a Web backend, its OK to let it update and reboot off of Windows update. Once you get into 24/7 server rooms with 3+ nines uptime, there is no way in Hell you would ever let a machine patch unless someone was there babysitting it, there was a plan to reverse the changes (system restore is not it), the patches were tried and certified in house, and they patches were put on a secure server.

Re:Hotpatching (0)

Anonymous Coward | more than 5 years ago | (#25551097)

Come on you post on Slashdot about using a Windows server in production! for real ?

That's it! I'm switching to a Linux Desktop (5, Funny)

Anonymous Coward | more than 4 years ago | (#25548493)

Slashdot's unbiased coverage of an exploit for a patch that was released last week has finally convinced me to stop using MS products. I'm also beginning to think this MS might be evil as well.

Re:That's it! I'm switching to a Linux Desktop (2, Informative)

Anonymous Coward | more than 5 years ago | (#25549351)

LOL! Yea... especially considering that doing some SIMPLE things like these:

1.) Stopping "File & Print Sharing", via your local connection, removing it as a Client/Protocol there (if you're not on a Lan Manager based OR Active Directory IP based LAN/WAN, or home network? Who cares! It's slowing you down just broadcasting extra packets anyhow OR listening for them too, wasting IO + resources) & the SYSTEM ICON in Control Panel (as to options &/or quick tasks to perform for that) make it a snap to stop it from being effective

----

2.) Removing ALL shares, hidden or otherwise via say, a batchfile (or even DOS command prompt) like:

C:
NET SHARE C$ /DELETE
NET SHARE ADMIN$ /DELETE
NET SHARE IPC$ /DELETE
NET SHARE DFS$ /DELETE
NET SHARE COMCFG$ /DELETE
NET SHARE FAX$ /DELETE
NET SHARE NETLOGON /DELETE
NET SHARE PRINT$ /DELETE
NET USE * /DELETE

----

3.) Stopping the SERVER SERVICE (which allows sharing, & if you're not part of a LAN/WAN (like a single user system online on the internet only), you also save Memory, CPU Cycles, & Other I/O by cutting said service (via service.msc & setting its default startup type to DISABLED, & stopping it there also, once you doubleclick on it in the list)

That also, can stop this exploit from being effective - as IT is what permits shares & file + print sharing...

----

See - Technically, afaik, @ this point (haven't read the EXACT details of this thing's coding & methods though, via this RECENT CURRENT news on it)?

Each/ALL/ANY of those measures SHOULD work, just fine, in mitigating this prior to applying this patch (especially if you're a standalone machine on the internet @ home, with no home LAN present)...

(AND PLEASE - Feel free to correct me if I am off/wrong here fellas... thanks, as again, I have not "RTFA" (/. badge of honor, lol), yet as I noted above...)

APK

P.S.=> Afaik? That's more than adequate to stop this being exploitable, because if there are no SHARED DISKS present? How can you get to anything to execute anything?? File ACL's also being set (to stop remote NETWORK SERVICE, or other remote capable services &/or user-entities, except that which YOU use) helps moreso than the above, maybe overkill, but worth doing & should be by everyone anyhow, imo @ least... apk

Hilarious:Downmod 4 telling how to stop it, -patch (0)

Anonymous Coward | more than 5 years ago | (#25549989)

I can't figure out WHY I was modded-down as "TROLL" when I am just teling how to fix this, even WITHOUT a patch (just stall the server service, if you are a single machine using "standalone" connected to the internet - of the 3 methods for protection vs. this exploit, I feel it is the easiest AND most effective overall (for security AND performance in fact, both))...

What's the matter, Pro-*NIX'ers? Can't stand the fact that even without a patch put into place, this is easily resolved for Windows users??

(I ask that, because I cannnot think of any other reason OR group of people doing that (except the "Pro-*NIX" crew here, @ /., lol!))

Hey, fact is?

Just doing ANY (preferably ALL) of what I wrote in my last post you modded down, really OUGHT to be enough to stop this from even harming anyone, EVEN WITHOUT APPLYING SAID PATCH (but, do apply it anyways)

Thus? A websurfer on a single "standalone" (using that term loosely here) online on the internet is easily secured & made invulnerable vs. this exploit, afaik!

(Via 3 separately easily issued commands (either graphically, or via commandline/terminal usage/DOS Prompt usage (or, via batch @ EVERY bootup for instance)))

NOW, please - If I am technically incorrect on ANY of my points above, & I even noted them here when this first surfaced a week++ ago:

----

Microsoft to Issue Emergency Patch For File-Sharing Hole:

http://tech.slashdot.org/comments.pl?sid=1005777&cid=25487197 [slashdot.org]

(I wrote the same there as well, as I did in my last post I am replying to myself here, because of this imo totally unjustified mod-down, & in the URL link above there was no "mod-down" either... least of all, for "troll"...)

----

DO please correct me where I am technically incorrect, please do, if I am...

However, don't just "mod me down" as "Troll" when I haven't 'trolled' anything, & only told some simple methods a user can be safe vs. this attack afaik!

(Again, without even patching their OS (& saving CPU cycles, memory, & various forms of I/O too, by stalling services you may not require, &/or Protcols + Network Clients broadcast as well... making you work a little bit faster too, as a bonus!))

APK

P.S.=> If you're going to down-mod me, @ least do it for valid reasons & say why, on a valid technical basis @ least, in other words... apk

APK

how our 'focus' has shifted to money exclusively.. (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#25548533)

it's all right in the manual. talk about mass hypenosys?

greed, fear & ego (in any order) are unprecedented evile's primary weapons. those, along with deception & coercion, helps most of us remain (unwittingly?) dependent on its' life0cidal hired goons' agenda. most of yOUR dwindling resources are being squandered on the 'wars', & continuation of the billionerrors stock markup FraUD/pyramid schemes. nobody ever mentions the real long term costs of those debacles in both life & any notion of prosperity for us, or our children, not to mention the abuse of the consciences of those of us who still have one. see you on the other side of it. the lights are coming up all over now. conspiracy theorists are being vindicated. some might choose a tin umbrella to go with their hats. the fairytail is winding down now. let your conscience be yOUR guide. you can be more helpful than you might have imagined. there are still some choices. if they do not suit you, consider the likely results of continuing to follow the corepirate nazi hypenosys story LIEn, whereas anything of relevance is replaced almost instantly with pr ?firm? scriptdead mindphuking propaganda or 'celebrity' trivia 'foam'. meanwhile; don't forget to get a little more oxygen on yOUR brain, & look up in the sky from time to time, starting early in the day. there's lots going on up there.

we note that yahoo deletes some of its' (relevant) stories sooner than others. maybe they're short of disk space, or something?
http://news.google.com/?ncl=1216734813&hl=en&topic=n
http://www.cnn.com/2008/TECH/science/09/23/what.matters.thirst/index.html
http://www.nytimes.com/2007/12/31/opinion/31mon1.html?em&ex=1199336400&en=c4b5414371631707&ei=5087%0A
(deleted)http://news.yahoo.com/s/ap/20080918/ap_on_re_us/tent_cities;_ylt=A0wNcyS6yNJIZBoBSxKs0NUE
http://www.nytimes.com/2008/05/29/world/29amnesty.html?hp
http://www.cnn.com/2008/US/06/02/nasa.global.warming.ap/index.html
http://www.cnn.com/2008/US/weather/06/05/severe.weather.ap/index.html
http://www.cnn.com/2008/US/weather/06/02/honore.preparedness/index.html
http://www.cnn.com/2008/TECH/science/09/28/what.matters.meltdown/index.html#cnnSTCText
http://www.cnn.com/2008/SHOWBIZ/books/10/07/atwood.debt/index.html
http://www.nytimes.com/2008/06/01/opinion/01dowd.html?em&ex=1212638400&en=744b7cebc86723e5&ei=5087%0A
http://www.cnn.com/2008/POLITICS/06/05/senate.iraq/index.html
http://www.nytimes.com/2008/06/17/washington/17contractor.html?hp
http://www.nytimes.com/2008/07/03/world/middleeast/03kurdistan.html?_r=1&hp&oref=slogin
(deleted, still in google cache)http://biz.yahoo.com/ap/080708/cheney_climate.html
http://news.yahoo.com/s/politico/20080805/pl_politico/12308;_ylt=A0wNcxTPdJhILAYAVQms0NUE
http://www.cnn.com/2008/POLITICS/09/18/voting.problems/index.html
(deleted)http://news.yahoo.com/s/nm/20080903/ts_nm/environment_arctic_dc;_ylt=A0wNcwhhcb5It3EBoy2s0NUE
(talk about cowardlly race fixing/bad theater/fiction?) http://money.cnn.com/2008/09/19/news/economy/sec_short_selling/index.htm?cnn=yes
http://us.lrd.yahoo.com/_ylt=ApTbxRfLnscxaGGuCocWlwq7YWsA/SIG=11qicue6l/**http%3A//biz.yahoo.com/ap/081006/meltdown_kashkari.html
http://www.nytimes.com/2008/10/04/opinion/04sat1.html?_r=1&oref=slogin
(the teaching of hate as a way of 'life' synonymous with failed dictatorships) http://news.yahoo.com/s/ap/20081004/ap_on_re_us/newspapers_islam_dvd;_ylt=A0wNcwWdfudITHkACAus0NUE
(some yoga & yogurt makes killing/getting killed less stressful) http://news.yahoo.com/s/ap/20081007/ap_on_re_us/warrior_mind;_ylt=A0wNcw9iXutIPkMBwzGs0NUE
(the old bait & switch...your share of the resulting 'product' is a fairytail nightmare?)
http://news.yahoo.com/s/ap/20081011/ap_on_bi_ge/where_s_the_money;_ylt=A0wNcwJGwvFIZAQAE6ms0NUE

is it time to get real yet? A LOT of energy is being squandered in attempts to keep US in the dark. in the end (give or take a few 1000 years), the creators will prevail (world without end, etc...), as it has always been. the process of gaining yOUR release from the current hostage situation may not be what you might think it is. butt of course, most of US don't know, or care what a precarious/fatal situation we're in. for example; the insidious attempts by the felonious corepirate nazi execrable to block the suns' light, interfering with a requirement (sunlight) for us to stay healthy/alive. it's likely not good for yOUR health/memories 'else they'd be bragging about it? we're intending for the whoreabully deceptive (they'll do ANYTHING for a bit more monIE/power) felons to give up/fail even further, in attempting to control the 'weather', as well as a # of other things/events.

http://www.google.com/search?hl=en&q=weather+manipulation&btnG=Search
http://video.google.com/videosearch?hl=en&q=video+cloud+spraying

'The current rate of extinction is around 10 to 100 times the usual background level, and has been elevated above the background level since the Pleistocene. The current extinction rate is more rapid than in any other extinction event in earth history, and 50% of species could be extinct by the end of this century. While the role of humans is unclear in the longer-term extinction pattern, it is clear that factors such as deforestation, habitat destruction, hunting, the introduction of non-native species, pollution and climate change have reduced biodiversity profoundly.' (wiki)

"I think the bottom line is, what kind of a world do you want to leave for your children," Andrew Smith, a professor in the Arizona State University School of Life Sciences, said in a telephone interview. "How impoverished we would be if we lost 25 percent of the world's mammals," said Smith, one of more than 100 co-authors of the report. "Within our lifetime hundreds of species could be lost as a result of our own actions, a frightening sign of what is happening to the ecosystems where they live," added Julia Marton-Lefevre, IUCN director general. "We must now set clear targets for the future to reverse this trend to ensure that our enduring legacy is not to wipe out many of our closest relatives."

"The wealth of the universe is for me. Every thing is explicable and practical for me .... I am defeated all the time; yet to victory I am born." --emerson
consult with/trust in yOUR creators. providing more than enough of everything for everyone (without any distracting/spiritdead personal gain motives), whilst badtolling unprecedented evile, using an unlimited supply of newclear power, since/until forever. see you there?

"If my people, which are called by my name, shall humble themselves, and pray, and seek my face, and turn from their wicked ways; then will I hear from heaven, and will forgive their sin, and will heal their land."--chronicles

Clarification (5, Informative)

Raconteur (1132577) | more than 4 years ago | (#25548535)

Just in case the /. entry seemed as ambiguous to you as it did to me, the linked article states "Our investigation has shown that it does not affect customers who have installed the update."

But not everyone has installed the update. (5, Insightful)

khasim (1285) | more than 4 years ago | (#25548649)

This is added incentive to complete YOUR testing of this patch ASAP.

Remember, only incompetent admins apply patches without testing them.

In our environment, the patch would have been put into testing the day after it was released (no sense getting caught by a brown paper bag bug) and then into production NEXT Sunday.

With a known exploit out there, we'd be getting more people to test the test systems TODAY. With the goal of putting the patch into production TOMORROW evening.

Re:But not everyone has installed the update. (4, Insightful)

DigiShaman (671371) | more than 4 years ago | (#25549077)

Remember, only incompetent admins apply patches without testing them.

Cool.

Sounds like your part of an internal IT department of a big corporation. Well, I'm not. I admin several small businesses network which contain 5 to 20 users. Each company has one server which runs Windows SBS. So, testing isn't an option. Should there be a problem, I have no choice but to pull it out via the Add/Remove program list.

So, do you think I'm an incompetent admin given what I have to work with?

Re:But not everyone has installed the update. (0)

Anonymous Coward | more than 4 years ago | (#25549107)

Yes.

But not for any particular reason.

Re:But not everyone has installed the update. (2, Insightful)

Fulcrum of Evil (560260) | more than 5 years ago | (#25549423)

So, do you think I'm an incompetent admin given what I have to work with?

Sure. You don't have a test network to at least smoke patches on or you would've said something. What happens when your SBS box barfs? how long is recovery and when's the last time you tried it?

Re:But not everyone has installed the update. (1)

homesteader (585925) | more than 5 years ago | (#25549975)

Sure, and in the real world, every small business is going to spend massive amounts of money to protect an IT infrastructure, even though when it's down they might not actually lose any money.

That's how all of my clients work.

Re:But not everyone has installed the update. (4, Informative)

DigiShaman (671371) | more than 5 years ago | (#25550341)

Sure. You don't have a test network to at least smoke patches on or you would've said something

A fifteen user network all running off a cable modem, router/firewall, and Windows 2003 SBS. Sure, let me pitch the sale for them to purchase another SBS box (for testing purposes only) and the billable time required for each test required per monthly patch cycle...

What happens when your SBS box barfs

Rebuild it, add PCs back to the domain, and restore user data and exchange data. I've done it before and it's a lot cheaper alternative to the one above. Funny isn't? Sometimes it's cheaper to let a server crash and burn than spend money on preventive maintenance. It's all in how much the customer wants to spend.

virtualization (1)

TheLink (130905) | more than 5 years ago | (#25550297)

Depending on what sort of software is running on those servers, and what those companies allow you to do, you could do _some_ testing with vmware server.

Stuff like vmware server is free. Download it and install it.

Create a windows guest with the required virtual hardware.

Install the cheapest licensed Windows SBS on it.

Make copies for testing different software configurations and scenarios.

The courts in my country are unlikely to smack me down as long as I don't run them all at the same time, but your country might be different so consult your lawyer :).

If just a single Windows SBS license costs too much money, you might be able to get away with something like Windows XP just to test the Microsoft Windows Update cycle for any "obvious problems".

Would be strange that you can't afford the USD600+ (inclusive of the 2 x 500GB drives for storing all those vmware images), if you're doing this as a business. Maybe you should bill those companies a bit more.

I'm assuming you have your own PC, and are not some person stuck with using library/cybercafe computers (in which case installing vmware server is out).

You'll still need a windows client of course, but you can also use that windows client in vmware server for testing various client configs as well.

BTW there are free linux distros that you can run vmware server on. So you spend money on 1 x windows client, 1 x windows server and 2 x 500GB (or even 1TB) hard drives.

Re:But not everyone has installed the update. (1)

citylivin (1250770) | more than 4 years ago | (#25549171)

"Remember, only incompetent admins apply patches without testing them."

I hope you don't think this applies to every environment out there. I am sure some very tightly integrated, heavily customized servers require this level of paranoia, but for most systems / environments, security patches do VASTLY more good than harm. You cant test for everything anyway no matter how hard you try.

Id rather explain to my CEO that I broke an app because I was trying to be safe and secure than get hit by a worm (pants down), with my only excuse being that I didn't want to roll out something that might POSSIBLY fuck shit up. Because at that point shit WOULD definitely be fucked up, and it would be my fault for not testing fast enough.

But again, it depends on your organization. Security patches from M$ have historically been pretty good. You also have the ability to blame them if shit hits the fan. Odds are many other people will have issues if the patch is THAT badly designed.

This seemed like a major issue (codered or mydoom level worm potential). When I read of it last week, I made sure all the machines were patched and rebooted ASAP. Like always its a judgement call you have to make with these things. I take a major issue with being called incompetent because I'd rather protect myself than blindly follow "Best practices".

Singin' The Zero-Day Blues (1)

bill_mcgonigle (4333) | more than 5 years ago | (#25550025)

Remember, only incompetent admins apply patches without testing them.

In our environment, the patch would have been put into testing the day after it was released (no sense getting caught by a brown paper bag bug) and then into production NEXT Sunday.

Your strategy fails to deal with certain 0-day scenarios. Not that competent admin would actually run critical services on Windows.

Sauce (0)

Anonymous Coward | more than 4 years ago | (#25548619)

If anyone's interested.
http://milw0rm.com/sploits/2008-MS08-067.rar

Re:Sauce (1)

tylerni7 (944579) | more than 5 years ago | (#25549861)

<warning/ > For anyone thinking about clicking that link, it seems to be a legitimate rar containing source code and an executable for an exploit, looks to be this one.

Now that your curiosity it settled, you probably shouldn't click that unless you trust the owner/controller of milw0rm.com to not infect whichever system you have. </warning >

OMG I'M PISSED (0)

Anonymous Coward | more than 4 years ago | (#25548647)

Windows Rocks!

And, you'd [i]have[/i] to be pissed to think like me....

Re:OMG I'M PISSED (0)

Anonymous Coward | more than 4 years ago | (#25549025)

pissed off or piss drunk?...or both?

Re:OMG I'M PISSED (0)

Anonymous Coward | more than 5 years ago | (#25549311)

Latter.

the droning *gong* of microsoft cracks (3, Interesting)

drDugan (219551) | more than 4 years ago | (#25548679)

This is like a droning gong.

*Gong* Bring out your dead *Gong* Windows is insecure *Gong* Bring out your dead *Gong*

It seems to me there is a fatigue that sets in regarding unpleasant information. How many times does one have to hear a thing, especially an unpleasant thing they don't want to hear, before that person stop listening to it? This happens to me at least. We see this (as a parallel) in politics all the time, when we're told this guy or that person broke the law. Its like a background din you have to tune out to get through the day.

It's made worse because there is no solution.

For the user of windows, there is nothing they can do about the fundamental insecurity that leads to repeated, consistent, and regular security updates like this. The only option is to change OS, which if you're the average computer user, that is not an option without significant expense. It's unpleasant to hear that crackers are breaking into computers and turning them into zombie swarms of attacking botnets. Hear the same bad thing enough times, eventually people stop listening.

I was fortunate: my windows laptop was stolen in 2004 and I made the switch, and now use Mac and Linux now exclusively. Not that Mac is any panacea - I still can't stand Finder, I think it is awful, and curse it every time I need to move a few files to some other folder on another drive (usually I just use "mv"). BUT at least I'm not forced to start ignoring serious security threats that I can't prevent or address effectively. (I don't consider a long series of "After the crack" patches effectively addressing the problem)

Re:the droning *gong* of microsoft cracks (0)

Anonymous Coward | more than 4 years ago | (#25549037)

I think you are confused. This article is talking about the same bug as before. It's just now there is an active exploit out there going for systems that have not been updated.

With that said, I don't run Windows unless it's in a throwaway VM. I can't believe anyone would actually run it as their primary OS.

I'm not Microsoft lover, but (5, Insightful)

dkleinsc (563838) | more than 4 years ago | (#25548725)

I'll give them credit for patching this quickly. This could have been Yet Another Windows Worm (TM) that brings all legitimate network traffic to a halt. And us Slashdotters have been after them for years for taking too long to patch things, so it would be completely hypocritical to get pissed at them for doing what we'd want them to do.

I'll hate them for having the exploit possible in the first place, I'll hate them for requiring reboots, I'll hate them for forcing crappy software down our throats, but every once in a while they do something right.

Re:I'm not Microsoft lover, but (1)

Johnny Loves Linux (1147635) | more than 4 years ago | (#25548971)

Problem is, that this could *still* become another worm if enough Windows users don't apply the patch. Does windows update guarantee that this patch will eventually be applied to every Windows machine?

Re:I'm not Microsoft lover, but (1, Insightful)

X0563511 (793323) | more than 4 years ago | (#25549041)

It would, but for their intentional denial of updates to "illegitimate" installations.

Re:I'm not Microsoft lover, but (2, Informative)

Macthorpe (960048) | more than 4 years ago | (#25549121)

You've always been able to automatically update even cracked copies of Windows automatically, you just can't do it via update.microsoft.com.

I'm not sure where you've got your information from.

Re:I'm not Microsoft lover, but (0)

pembo13 (770295) | more than 5 years ago | (#25549663)

Do you know when they found out it?

Re:I'm not Microsoft lover, but (1)

0100010001010011 (652467) | more than 5 years ago | (#25550303)

How the fuck does this keep happening? I can understand a remote exploit here and there. But seriously. How dumb/slow/lack of testing do you have to be to put these in the wild. Last bug that made Slashdot affected everything back through like 98 or something. I know "MS sux" is the big joke around here, but seriously.

If it's because Windows is the Most used OS in the world, why don't we hear about Apache remote exploits? With Apple and Linux taking market share with College kids and the Server market why aren't we hearing about these remote exploits with them?

Seriously, What the Fuck.

Microsoft didn't downplay this (5, Informative)

Anonymous Coward | more than 4 years ago | (#25548789)

Instead they issued an out-of-cycle patch and they gave it a very high severity rating in their bulletins. None of us are Microsoft lovers. But you don't have to lie to us just to be able to pat us on the back. It's disgusting, please stop it.

Re:Microsoft didn't downplay this (3, Informative)

felipekk (1007591) | more than 5 years ago | (#25549549)

Please mod parent up.

Microsoft even contacted partners to make sure they were applying the patch as soon as possible.

I don't know where the author got the downplaying from...

Cut & Paste (1)

westlake (615356) | more than 4 years ago | (#25549239)

Just a day after downplaying the vulnerability that caused it to issue an out-of-cycle patch last week, Microsoft warned customers late yesterday that exploit code had gone public and was being used in additional attacks

.
How does this translate into downplaying the threat?

October 23, 2008 (IDG News Service) Microsoft Corp. fixed a critical bug in its Windows operating system Thursday, saying that it is being exploited by online criminals and could eventually be used in a widespread "worm" attack.

Microsoft took the unusual step of issuing an emergency patch for the flaw several weeks ahead of its regularly scheduled November security updates, saying that vulnerability is being exploited in "limited targeted attacks." The company had already announced plans to rush out the patch.

"It is possible that this vulnerability could be used in the crafting of a wormable exploit. If successfully exploited, an attacker could then install programs or view, change, or delete data; or create new accounts with full user rights," Microsoft said in a bulletin released Thursday morning. Microsoft releases emergency Windows patch to head off worm attack [computerworld.com] {Oct 23]

New Windows bug differs from 2006 flaw, Microsoft says [nytimes.com] [Oct 27]

Metasploit (4, Informative)

slimjim8094 (941042) | more than 5 years ago | (#25549373)

Be warned; this is already on metasploit. The intrepid can find this for themselves...

Testing it to see if it actually works though.

Re:Metasploit (1)

Darkness404 (1287218) | more than 5 years ago | (#25550079)

The intrepid can find this for themselves...

Well, unless this thing runs in WINE so I doubt those who are intrepid can find it for themselves...

(For those who are clueless and won't get the joke, Intrepid Ibex is the codename for Ubuntu 8.10)

If only... (1)

SupremoMan (912191) | more than 5 years ago | (#25549431)

If only the writers of malicious programs dropped their Windows XP support when Microsoft does... What are my options when dark day comes?

Re:If only... (0)

Anonymous Coward | more than 5 years ago | (#25549525)

patch the MS binaries yourself. You know assembly, right? Well go get yourself a good disassembler, a good assembler, a good text editor, and get cracking! ...and patching, after you've done the cracking.

Re:If only... (1)

Computershack (1143409) | more than 5 years ago | (#25550205)

If you were running Vista, you'd not need to be worried by this.

Link to exploit... (1)

hitchhacker (122525) | more than 5 years ago | (#25549723)

From milw0rm here [milw0rm.com]

-metric

Firewall (0)

Anonymous Coward | more than 5 years ago | (#25549847)

Umm, use a firewall to block windows RPC/SMB; if you have these services exposed to the public internet you deserve what you get.

Vista rulez... (2, Interesting)

Computershack (1143409) | more than 5 years ago | (#25550187)

Glad I'm running Vista or I might have to look like I remotely give a shit about something that might affect me if I weren't connected to the internet via a router running NAT you know, just like pretty much most people on broadband are?

Seriously, this is only really gonna be a problem to someone connecting on dialup and it's gonna take so fucking long to send the information that the person running the exploit is most likely to have died from old age before they get anything worth a toss.

Re:Vista rulez... (0)

Anonymous Coward | more than 5 years ago | (#25550495)

How do you know "most people" use a router on broadband?

Where is the guy that tags Haha? (0)

Anonymous Coward | more than 5 years ago | (#25550529)

He's slackin' off...

Get the real Nelson in here

NT4 Affected By This? (1)

ScottCooperDotNet (929575) | more than 5 years ago | (#25550611)

As Windows 2000 is affected by this vulnerability, I'm wondering if NT4 is as well. There's a still a sprinkle of NT4 servers about hidden in the back of server rooms. Will this be the push to finally replace them?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>