40 Windows Apps Said To Contain Critical Bug

timothy posted more than 4 years ago | from the and-the-other-ones-are-worse dept.

Bug 158

CWmike writes "About 40 different Windows applications contain a critical flaw that can be used by attackers to hijack PCs and infect them with malware, says HD Moore, chief security officer at Rapid7 and creator of the open-source Metasploit penetration-testing toolkit. Gregg Keizer reports that the bug was patched by Apple in its iTunes software for Windows four months ago, but remains in more than three dozen other Windows programs. Moore did not reveal the names of the vulnerable applications or their makers, however. Each affected program will have to be patched separately. Moore first hinted at the widespread bug in a message on Twitter on Wednesday. 'The cat is out of the bag, this issue affects about 40 different apps, including the Windows shell,' he tweeted, then linked to an advisory published by Acros, a Slovenian security firm."

158 comments

The Parrot says it best. (4, Funny)

Anonymous Coward | more than 4 years ago | (#33304502)

Re:The Parrot says it best. (2, Informative)

X0563511 (793323) | more than 4 years ago | (#33304574)

Thanks... you just made my day.

Re:The Parrot says it best. (1)

timberwolf753 (1064802) | more than 4 years ago | (#33305132)

Bravo sir.. Also I am not surprised :-)

Only 40? (2, Insightful)

Anonymous Coward | more than 4 years ago | (#33304518)

Only 40? That's definitely an improvement over the 7 year old Linux exploit that was only just fixed where any GUI app could gain root access.

Re:Only 40? (1)

Bananatree3 (872975) | more than 4 years ago | (#33304540)

And to those who run commandline, pffft.

Re:Only 40? (3, Insightful)

Anonymous Coward | more than 4 years ago | (#33304888)

Technically, any GUI app could gain root access, but this doesn't mean a computer running trusted applications (I trust the apps I run to not gain root and mess with my system) could be exploited without another bug.

Still probably doesn't compare, and still very bad, but let's not turn it into a bigger scare than it really is.

Re:Only 40? (3, Insightful)

ByOhTek (1181381) | more than 4 years ago | (#33305142)

The problem is - trusted applications can have holes too.

I mean, many people trust iTunes, and that was one of the apps with the holes (admittedly fixed).

Are you 100% certain ALL of your trusted applications don't have holes, and the versions you ran in the last 7 years didn't have holes?

The GUI issue was a HUGE problem - however it is/was fixed, which is the important part.

Re:Only 40? (2, Informative)

hairyfeet (841228) | more than 4 years ago | (#33305724)

If you are really worried about holes in your apps perhaps you should be running Comodo Internet Security [comodo.com] or Comodo AV (same link) which by default sandboxes ALL apps you run unless you tell it otherwise. I've found a good 9 out of 10 apps run just fine in a sandbox, and Comodo makes it easy to sandbox any app and by default will sandbox new apps and new installs to protect your PC. Oh and it is 100% free too, with no nag emails or need to register.

Since giving my customers and family Comodo I've found the amount of crapware and malware I have to deal with has gone WAY down, since its default settings seem to help protect even the most clueless user. It also uses a hell of a lot less resources than the other free AV/Firewalls (it is currently using a grand total of 22Mb RAM and 0% CPU on Windows 7 HP X64, and I have similar numbers in XP SP3) so to me it is a no brainer. Better safe than sorry is my motto and if an app runs fine in a sandbox, why should I allow it access to the underlying OS?

Re:Only 40? (1)

frist (1441971) | more than 4 years ago | (#33305824)

Wait, you're running a product that provides registry/file virtualization on an OS that already provides registry/file virtualization (windows 7)? This makes sense how?

Re:Only 40? (2, Interesting)

C0vardeAn0nim0 (232451) | more than 4 years ago | (#33306056)

makes sense because the native registry/file virtualization is provided by MICROSOFT, and this being slashdot, the mantra is "anything windows does, a third party app does better, because M$ SUCKS!!!", unless it's "shitty iTunes bloatware for windows".

Re:Only 40? (2, Interesting)

hairyfeet (841228) | more than 4 years ago | (#33306078)

Because what you are calling "registry/file virtualization" has NOTHING to do with security and is simply a hack to allow x86 apps to run on x64? And time and time again we have seen the bad guys blow through Windows security measures since it is the biggest market and therefore offers the biggest rewards? Plus with the Windows 7 version you have no control whatsoever, and I have noticed it really doesn't seem to care what gets dumped in "Program Files(x86)" as long as you click yes that first time, whereas with Comodo I am in control, and I get to say what is allowed and what isn't. And if you'll look up the video reviews posted on Youtube where they try to infect Comodo with malware you'll see time and time again it stops the nasties cold.

Look it is 100% free, has less overhead than every other free AV I've ever tried AND it comes with built in sandboxing. I think the better question is why not use it when there are so many bad guys trying to hack PCs out there? It isn't like 22Mb for an AV AND a firewall is all that much with the multiGb machines of today, so why not add that extra layer of security if it costs nothing?

Re:Only 40? (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#33305356)

It's not Linux's fault the bug wasn't discovered. As you Windows fan boys like to point out, bugs are only discovered in mass quantities on Windows because it's a popular target (all software is equally buggy in your world). If Linux were popular the bug would have been discovered faster, right?

Now if we know the turnaround on bug fixing *after discovery* to be faster with many open source projects compared to Microsoft closed products... doesn't that mean that if Linux becomes popular it will be more secure sooner than Windows on average?

In your face wintard!!!! Nah nah nah nah nah nah nah nah hey hey hey goodbye!

I Wish I Had the Luxury of Worrying About This... (1, Funny)

Bananatree3 (872975) | more than 4 years ago | (#33304522)

But alas, I'm running Linux :)

Re:I Wish I Had the Luxury of Worrying About This. (2, Informative)

betterunixthanunix (980855) | more than 4 years ago | (#33304552)

Re:I Wish I Had the Luxury of Worrying About This. (5, Interesting)

0123456 (636235) | more than 4 years ago | (#33304644)

Then worry about this:

Yeah, I'm far more worried about a _fixed_ exploit that requires I install a malicious GUI app than an active exploit that just requires I open a malicious Word document.

Re:I Wish I Had the Luxury of Worrying About This. (1, Insightful)

Lunix Nutcase (1092239) | more than 4 years ago | (#33304782)

Just because a patch was issued doesn't mean every single system was patched and that there won't be countless people still running a vulnerable version.

Re:I Wish I Had the Luxury of Worrying About This. (0, Flamebait)

0123456 (636235) | more than 4 years ago | (#33304862)

Just because a patch was issued doesn't mean every single system was patched and that there won't be countless people still running a vulnerable version.

So now the distro just has to install a malicious trojan on their system and they're doomed. Because if the distro developers are malicious, that would be so much easier than just installing a trojan that runs as root.

I honestly don't see why people can't understand the huge difference between requiring malicious software to be installed on your PC by a software updater that _already runs as root and can change any file on the system_ and requiring you to open a malicious Word document.

Sure, maybe Joe Sixpack is dumb enough to install a random 'Naked Chicks Screensaver' that exploits a Linux bug, but the vast majority of people only install software from their Linux distro, which they have little choice but to trust.

Re:I Wish I Had the Luxury of Worrying About This. (1)

Lunix Nutcase (1092239) | more than 4 years ago | (#33304918)

Sure, maybe Joe Sixpack is dumb enough to install a random 'Naked Chicks Screensaver' that exploits a Linux bug, but the vast majority of people only install software from their Linux distro, which they have little choice but to trust.

Well hopefully that distro didn't download the trojaned version of unrealIRCD that its own developers didn't realize someone had switched. Or are the developers of that program and anyone who trusted that what they were sharing wasn't trojaned just "dumb Joe Sixpacks"?

Re:I Wish I Had the Luxury of Worrying About This. (1)

0123456 (636235) | more than 4 years ago | (#33305028)

If your distro is installing malicious software on your system, then you have much more to worry about than an X-server bug.

Re:I Wish I Had the Luxury of Worrying About This. (1)

Lunix Nutcase (1092239) | more than 4 years ago | (#33305074)

You assume they would be doing it purposefully which isn't necessarily true. In the case of unrealIRCD not even the developers of the program knew that the version they were serving had been switched to a version with a trojan in it until months after they had been serving the files.

Re:I Wish I Had the Luxury of Worrying About This. (1)

0123456 (636235) | more than 4 years ago | (#33305158)

In the case of unrealIRCD not even the developers of the program knew that the version they were serving had been switched to a version with a trojan in it until months after they had been serving the files.

Yeah, one tar file on one server had been hacked. If your distro is downloading random unauthenticated tar files (no signature, not even a checksum) and shipping them out to end-users then you have much bigger problems than a random X-server exploit.

Re:I Wish I Had the Luxury of Worrying About This. (1)

Lunix Nutcase (1092239) | more than 4 years ago | (#33305204)

If your distro is downloading random unauthenticated tar files (no signature, not even a checksum) and shipping them out to end-users then you have much bigger problems than a random X-server exploit.

Because downloading a file from the official of the program is equivalent to downloading a random file from an untrusted server? lolwut?

Re:I Wish I Had the Luxury of Worrying About This. (1)

Lunix Nutcase (1092239) | more than 4 years ago | (#33305222)

official website*

Re:I Wish I Had the Luxury of Worrying About This. (1)

Lunix Nutcase (1092239) | more than 4 years ago | (#33305346)

Also, where else do you expect a distro's developers to download the source code for a program if not from the official upstream developer themselves (which is where the trojaned version was pulled from)?

Re:I Wish I Had the Luxury of Worrying About This. (1)

Lunix Nutcase (1092239) | more than 4 years ago | (#33305136)

Just to further elaborate, there is nothing in the case of the Xorg exploit that says that the vulnerability in the program that allows someone to use the exploit has to have been put in there purposefully. So this whole notion about distros and their package managers is just a big red herring.

Re:I Wish I Had the Luxury of Worrying About This. (1)

VGPowerlord (621254) | more than 4 years ago | (#33304950)

I honestly don't see why people can't understand the huge difference between requiring malicious software to be installed on your PC by a software updater that _already runs as root and can change any file on the system_ and requiring you to open a malicious Word document.

I honestly don't see why you seem to think that the XOrg vulnerability has something to do with your software updater, rather than being one where any GUI app run by any user can run anything as root.

Re:I Wish I Had the Luxury of Worrying About This. (1, Flamebait)

0123456 (636235) | more than 4 years ago | (#33305000)

I honestly don't see why you seem to think that the XOrg vulnerability has something to do with your software updater, rather than being one where any GUI app run by any user can run anything as root.

Sigh.

Which part of 'the only way the average Linux user is going to be running malicious software is if their distro ships it to them' is proving so hard for Windows users to understand?

Re:I Wish I Had the Luxury of Worrying About This. (2, Interesting)

betterunixthanunix (980855) | more than 4 years ago | (#33305078)

The part where an exploit that allows malicious programs to be run without the user's knowledge? Or did you think there were no such exploits?

For the record, I am a Fedora user, not a Windows user. I am willing to acknowledge when there is a security problem. I am glad it was fixed, but that does not imply that it was not a real problem.

Re:I Wish I Had the Luxury of Worrying About This. (1)

0123456 (636235) | more than 4 years ago | (#33305128)

The part where an exploit that allows malicious programs to be run without the user's knowledge? Or did you think there were no such exploits?

So in order to exploit this exploit you need to make up another exploit which already allows them to do anything on my PC with my user privileges, which means that they've already installed a keylogger in Firefox and stolen my bank passwords and I no longer give a flying monkey turd about whether they've trashed my OS.

How far down this 'but what if there was another exploit too!' rabbit-hole do you intend to run?

Re:I Wish I Had the Luxury of Worrying About This. (1)

betterunixthanunix (980855) | more than 4 years ago | (#33305198)

Actually, the attack allowed malicious code to bypass SELinux, which is often used to prevent exploits that run with user privileges from accomplishing much.

Why are you downplaying the significance of this attack?

Re:I Wish I Had the Luxury of Worrying About This. (1)

Lunix Nutcase (1092239) | more than 4 years ago | (#33305252)

You might as well give up. Anything you say is going to be thrown back at you in some ridiculous caricatured form in order for him to dispute it.

Re:I Wish I Had the Luxury of Worrying About This. (2)

Lunix Nutcase (1092239) | more than 4 years ago | (#33305290)

So in order to exploit this exploit you need to make up another exploit which already allows them to do anything on my PC with my user privileges, which means that they've already installed a keylogger in Firefox and stolen my bank passwords and I no longer give a flying monkey turd about whether they've trashed my OS.

No. In fact, for example, a maliciously-formed PDF file opened in a PDF reader, even if that reader is run in a sandbox, can be used to gain root through the exploit.

Re:I Wish I Had the Luxury of Worrying About This. (0)

Anonymous Coward | more than 4 years ago | (#33305796)

Assuming that xpdf has an exploit. Or that someone is running acrobat for linux for some weird reason.

Re:I Wish I Had the Luxury of Worrying About This. (2, Interesting)

mandelbr0t (1015855) | more than 4 years ago | (#33305552)

Exploitable != Malicious. A system without stack protection is an accident waiting to happen. You should read up on how stack protections [wikipedia.org] eliminate an entire class of exploits, and how subtle exploitable code really is. Even the .NET compiler includes stack protection. I have no idea why Linux has not adopted the use of ProPolice across the board.

My previous response was not a troll; it was based on years of experience running Windows, Linux, Mac and BSD machines. Linux is the most brittle of all of the systems I've used. Even remaining up-to-date from the distro is very little protection, since the underlying problem is not being addressed. Nearly every Linux distro could ship with better security, but SELinux and ProPolice are not enabled by default.

Re:I Wish I Had the Luxury of Worrying About This. (3, Insightful)

betterunixthanunix (980855) | more than 4 years ago | (#33305040)

Or Joe Sixpack visits a website with a Flash applet, and there happens to be a vulnerability in Flash player that allows those applets to issue requests directly to the X server. Or, Joe Sixpack opens a PDF file using acroread, and there is a vulnerability in acroread. Or any number of other vulnerabilities; all an attack needs is to be able to issue requests directly to the X server.

It really was not a trivial, uninteresting bug. It was a serious security problem for desktop Linux users that had been around for years.

Re:I Wish I Had the Luxury of Worrying About This. (1, Funny)

Lunix Nutcase (1092239) | more than 4 years ago | (#33305098)

But...but...those are clearly just dumb Winblows users!!! HURP DURP!!!

Re:I Wish I Had the Luxury of Worrying About This. (1)

X0563511 (793323) | more than 4 years ago | (#33305286)

.. and that's better than the unpatched issue we're discussing how?

Re:I Wish I Had the Luxury of Worrying About This. (1)

Lunix Nutcase (1092239) | more than 4 years ago | (#33305394)

No, of course not and I wasn't implying such a ridiculous thing either. But to act as if just because there is a patch out that the issue is now non-existent is silly. It's no different to back when code red was a big problem. Even after Microsoft pushed out a patch, for many months after there were still people spreading the infection due to not updating their systems.

Re:I Wish I Had the Luxury of Worrying About This. (1)

X0563511 (793323) | more than 4 years ago | (#33305474)

Ah, sorry for misreading you :)

Re:I Wish I Had the Luxury of Worrying About This. (1)

ByOhTek (1181381) | more than 4 years ago | (#33305166)

You are assuming that was the ONLY flaw in Linux...

Not a safe assumption. If that has been around for 7 years, what else could there be?

I'm certainly not saying Linux is less secure than Windows (I'm pretty sure the opposite, in fact, is true), however that doesn't mean that you are safe on that high horse of yours.

Re:I Wish I Had the Luxury of Worrying About This. (3, Insightful)

JesseMcDonald (536341) | more than 4 years ago | (#33305234)

You misunderstand. The Xorg bug doesn't require a malicious GUI app; it just requires a perfectly normal GUI app with an exploitable vulnerability. So if OpenOffice.org (or Acrobat Reader, or Firefox, or any other document viewer) has a flaw which can be exploited by a malicious document, the Xorg bug turns that into a privilege-escalation vulnerability, circumventing not only the normal permission mechanisms but also tools such as SELinux sandboxes (which protect against malicious code running in the sandboxed user application, not the X server).

Re:I Wish I Had the Luxury of Worrying About This. (2, Funny)

Korin43 (881732) | more than 4 years ago | (#33304696)

They fixed a bug in the Linux kernel? I'm worried now.

Re:I Wish I Had the Luxury of Worrying About This. (1)

betterunixthanunix (980855) | more than 4 years ago | (#33304738)

Well, not all distros are up to date on these things. Are you sure that the distro you use has distributed the update yet?

Re:I Wish I Had the Luxury of Worrying About This. (2, Insightful)

Korin43 (881732) | more than 4 years ago | (#33305060)

http://www.archlinux.org/packages/core/i686/kernel26/ [archlinux.org]

Patched on 8/13, new kernel package on 8/14. I'm not concerned. And slower-updating distros generally have a security team to patch these kinds of things into their current kernel release.

Re:I Wish I Had the Luxury of Worrying About This. (1)

valeo.de (1853046) | more than 4 years ago | (#33306350)

What should concern you is that this bug was patched by SUSE in 2004, but it took 6 years for that fix to make it into mainline...

Re:I Wish I Had the Luxury of Worrying About This. (2, Insightful)

h4rr4r (612664) | more than 4 years ago | (#33305150)

Don't run X as root. Who does that these days?

KMS, bitches.

Re:I Wish I Had the Luxury of Worrying About This. (2, Interesting)

Lunix Nutcase (1092239) | more than 4 years ago | (#33305450)

Don't run X as root. Who does that these days?

Probably quite a few. Not everyone is running a version of the 2.6 kernel that has KMS.

Re:I Wish I Had the Luxury of Worrying About This. (2, Informative)

Anonymous Coward | more than 4 years ago | (#33305636)

Don't run X as root. Who does that these days?

Who? People that run proprietary drivers from Nvidia or ATI do. So do people that use drivers from less popular vendors that don't yet have KMS in their drivers (KMS is not in every open driver yet). It's enough to stop most distros from shipping with X running as another user.

Re:I Wish I Had the Luxury of Worrying About This. (0)

Anonymous Coward | more than 4 years ago | (#33306006)

People that run proprietary drivers from Nvidia or ATI do.

And that's exactly why they shouldn't be running the proprietary drivers.

Re:I Wish I Had the Luxury of Worrying About This. (0, Troll)

elrous0 (869638) | more than 4 years ago | (#33304910)

Yeah, none of those 40 problem apps will run on Linux. Unfortunately, neither will thousands of other apps.

Re:I Wish I Had the Luxury of Worrying About This. (0)

Anonymous Coward | more than 4 years ago | (#33305370)

Yeah, none of those 40 problem apps will run on Linux. Unfortunately, neither will thousands of other apps.

...and nothing of value was lost.

Re:I Wish I Had the Luxury of Worrying About This. (1, Informative)

mandelbr0t (1015855) | more than 4 years ago | (#33304968)

There are many reasons to use Linux, but better security is not one of them. If you still believe this, put up a Linux server completely exposed to the Internet, and broadcast all over IRC that your server is badass and can't be hacked. It is a common misconception among Linux zealots that Linux doesn't have the security issues that Windows does, but mostly it's because it's less popular, and very few exploit writers target Linux machines. In fact, even though ProPolice has been around for years, many Linux distros (including default Ubuntu) do not take advantage of it, and thus open themselves to a myriad of exploits that even Windows XP did not have. The performance gain from not using ProPolice is negligible, and the exploitability of such a machine, given the quality of code from many Linux apps, is almost guaranteed.

So, your smart-ass comment only shows your ignorance. Linux is pretty cool as a development environment, and it's not a half-bad desktop, especially given the price. But I would run Windows Server long before I would consider putting a Linux machine on the net without a decent firewall (i.e. not Linux) in front of it.

Re:I Wish I Had the Luxury of Worrying About This. (3, Insightful)

mlts (1038732) | more than 4 years ago | (#33305758)

I'd say that putting any OS on the Internet without a reasonable firewall is a poor idea, the exception being a laptop [1] just out of necessity. Yes, most operating systems are hardened, but what brings the bugs are the applications that run on them. This is why having a hardened machine with as little running on it as possible is essential between the general purpose computers and the rest of the Internet.

[1]: I have seen tiny embedded Linux adapters just bigger than an Ethernet plug. Why can't laptop makers build a tiny firewalling router into one of those and mount it on the motherboard? This way, it doesn't matter what the OS is, attacks from remote will be minimized, and one could configure it to disallow outgoing ports (such as port 25) that the laptop shouldn't ever need to go out on. I'm sure similar functionality can be done for Wi-Fi. As an added bonus, if a machine gets DoS-ed, it won't be the main CPU that has to sort out the offending packets, but the one on the built in firewall.

Re:I Wish I Had the Luxury of Worrying About This. (0, Troll)

DIplomatic (1759914) | more than 4 years ago | (#33305062)

Yeah, it would be way better for Windows users if they could be protected by a massive ego like a certain percentage of people running Linux.

Re:I Wish I Had the Luxury of Worrying About This. (2, Funny)

RMS Eats Toejam (1693864) | more than 4 years ago | (#33305162)

I'm running Linux :)

That's like not worrying about pregnancy because you're a homosexual.

Re:I Wish I Had the Luxury of Worrying About This. (1)

dkleinsc (563838) | more than 4 years ago | (#33305388)

I'm sure you could get these running under Wine.

Re:I Wish I Had the Luxury of Worrying About This. (0, Troll)

MobileTatsu-NJG (946591) | more than 4 years ago | (#33305472)

But alas, I'm running Linux :)

Do you wish you had the luxury of worrying about unwanted pregnancy, too? :)

Re:I Wish I Had the Luxury of Worrying About This. (1)

Tarlus (1000874) | more than 4 years ago | (#33305640)

But alas, I'm running Linux :)

Ugh. Here we go again...

Re:I Wish I Had the Luxury of Worrying About This. (-1, Troll)

Anonymous Coward | more than 4 years ago | (#33305790)

Don't worry about vulnerabilities.

I had a virus (a trojan) sent to me by mail; while Thunderbird was closed, our corporate antivirus solution found the trojan like an eagle and quickly solved the problem -- erasing my 4-year old Inbox.

So, don't freak about viruses, worms and the like. Worry about the antivirus installed by you on your machine; better yet, worry about M$.

(*) Being impartial, I must admit shadow copy (IOW, Windows) saved the day: I could restore a 2-day old Inbox file. That said, I suddenly think about the real usefulness of Shift-Delete...

Re:I Wish I Had the Luxury of Worrying About This. (1)

Grishnakh (216268) | more than 4 years ago | (#33306502)

I fail to see how that's a problem, as long as it was only your work email box that was erased. That just means less work for you, and any problems can be blamed on IT.

Really? (5, Funny)

Anonymous Coward | more than 4 years ago | (#33304534)

Just 40?

Nit-picking about "bugs." (get it? Har har har.) (1)

stagg (1606187) | more than 4 years ago | (#33304572)

/. is as bad for this as anywhere else on the net as far as I can tell. All bugs are flaws, but flaws are not necessarily bugs. This sounds like a flaw, even a vulnerability, but not a bug. Sorry, as you were.

So little detail... (5, Insightful)

broken_chaos (1188549) | more than 4 years ago | (#33304590)

So there are forty unknown applications with an unknown flaw that results in code execution. This sounds like it includes web browsers (given the references to 'viewing a web page' in the article), but it doesn't specify which. It also doesn't specify what sort of file(s) (except in the case of iTunes -- a 'media file') are affected.

So what're we supposed to do? There's no detail here, not even cursory detail, on what filetypes or applications to avoid. I'm fine with no details on the innermost workings of this exploit being widely disseminated, but why announce it with such fanfare if there's not even a way to avoid exposing yourself (i.e., listing these supposed '40 applications')?

Re:So little detail... (3, Funny)

0123456 (636235) | more than 4 years ago | (#33304674)

There's no detail here, not even cursory detail, on what filetypes or applications to avoid.

Presumably anything that runs on Windows would be a good first approximation.

Re:So little detail... (2, Informative)

parkrrrr (30782) | more than 4 years ago | (#33304676)

The article does mention that blocking WebDAV and SMB at your perimeter router will at least prevent the exploit coming from outside your network, though I agree that in general it seems long on FUD and self-congratulation and short on useful content.

Re:So little detail... (3, Informative)

parkrrrr (30782) | more than 4 years ago | (#33304736)

Slight self-correction: blocking SMB at the router and disabling the WebDAV client on all Windows machines. Still, there's a mitigation that should work for most people.
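The mitigation described in the two comments above, as an added example that is not part of the original thread: a PowerShell audit of one Windows host for a disabled WebDAV client and an outbound SMB block. It assumes the Windows Firewall stands in for the perimeter router and that the NetSecurity cmdlets (Windows 8 / Server 2012 and later) are available; the function names and the rule display name are hypothetical.

```powershell
#Requires -Version 5.1
# Added example; function names and the firewall rule name are hypothetical.

function Get-RemoteShareMitigationStatus {
    [CmdletBinding()]
    param()

    # The WebDAV client is the "WebClient" service. If the service is not
    # installed at all, the host cannot mount WebDAV shares, so treat it as off.
    $svc = Get-Service -Name WebClient -ErrorAction SilentlyContinue
    $webDavOff = (-not $svc) -or
                 ($svc.StartType -eq 'Disabled' -and $svc.Status -ne 'Running')

    # Look for an enabled outbound block rule that names TCP 445 (SMB).
    # Limitation: only exact port entries are matched, not ranges such as 1-1024.
    $smbBlocked = $false
    $rules = Get-NetFirewallRule -Direction Outbound -Action Block -Enabled True `
                 -ErrorAction SilentlyContinue
    foreach ($rule in $rules) {
        $filter = $rule | Get-NetFirewallPortFilter
        if ($filter.Protocol -eq 'TCP' -and $filter.RemotePort -contains '445') {
            $smbBlocked = $true
            break
        }
    }

    [pscustomobject]@{
        ComputerName       = $env:COMPUTERNAME
        WebClientPresent   = [bool]$svc
        WebClientDisabled  = $webDavOff
        OutboundSmbBlocked = $smbBlocked
    }
}

function Set-RemoteShareMitigation {
    # Applies whichever of the two mitigations is missing. Run elevated.
    # Supports -WhatIf so the changes can be previewed first.
    [CmdletBinding(SupportsShouldProcess)]
    param()

    $status = Get-RemoteShareMitigationStatus

    if (-not $status.WebClientDisabled -and
        $PSCmdlet.ShouldProcess('WebClient service', 'Stop and disable')) {
        Stop-Service -Name WebClient -Force -ErrorAction SilentlyContinue
        Set-Service  -Name WebClient -StartupType Disabled
    }

    if (-not $status.OutboundSmbBlocked -and
        $PSCmdlet.ShouldProcess('Windows Firewall', 'Block outbound TCP 139/445 to Internet')) {
        # RemoteAddress "Internet" leaves SMB to internal file servers working.
        New-NetFirewallRule -DisplayName 'Example - block outbound SMB to Internet' `
            -Direction Outbound -Protocol TCP -RemotePort 139,445 `
            -RemoteAddress Internet -Action Block -Profile Any | Out-Null
    }

    Get-RemoteShareMitigationStatus
}

# Read-only check; call Set-RemoteShareMitigation -WhatIf to preview changes.
Get-RemoteShareMitigationStatus
```

A host-level rule does not replace the router block the comment describes; it covers laptops that leave the network.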

Re:So little detail... (0)

Anonymous Coward | more than 4 years ago | (#33304940)

blocking SMB at the router

Lol, I have been doing this for almost 10 years! Sure blocks a lot of remote windoze exploits.

Re:So little detail... (1, Insightful)

Anonymous Coward | more than 4 years ago | (#33305250)

You assume that most people know:
a. how to log into their router
b. how to block an outbound port in their router or
c. even know what a router or port is

Verizon's how-to to get into your router is buried. It took me more than 20 minutes to find it on their site the first time I needed to get into one.

Re:So little detail... (2, Informative)

Lord Ender (156273) | more than 4 years ago | (#33305688)

This is notable because it is coming from HDM, a fellow with an excellent reputation who will no-doubt release an easy-to-use exploit (with Metasploit) after app developers have had a chance to patch.

What we're supposed to do (1, Insightful)

syousef (465911) | more than 4 years ago | (#33306186)

So what're we supposed to do?

Run around like headless chickens predicting the end of Microsoft, and Windows, rant and rave about the virtues of Linux, how there are no Linux viruses and how any year now it will be the year of the desktop, and generally feel smug.

You're new here, aren't you?

Re:So little detail... (1)

Sponge Bath (413667) | more than 4 years ago | (#33306536)

So what're we supposed to do?

Panic! Ha ha, just kidding.
As far as I can tell, you are supposed to click on the advertisements in the article.

Oh noes! (2, Insightful)

PmanAce (1679902) | more than 4 years ago | (#33304606)

I better pull my internet plug until all 40 apps are fixed. 'Cause you know, I use windows and my machine gets infected every day!

Re:Oh noes! (3, Insightful)

mark72005 (1233572) | more than 4 years ago | (#33304680)

Exactly... I am dubious on Windows security, but I use Windows boxes all the time without issue due to basic security precautions and basic common sense.

(Yes I realize most users do not have either)

Re:Oh noes! (4, Insightful)

Ironhandx (1762146) | more than 4 years ago | (#33304770)

A lot of people need to learn the phrase : "Common sense is not so common".

Re:Oh noes! (3, Funny)

rbochan (827946) | more than 4 years ago | (#33305194)

A lot of people need to learn the phrase : "Common sense is not so common".

These days it could be considered a super power.

Re:Oh noes! (1)

suomynonAyletamitlU (1618513) | more than 4 years ago | (#33305626)

A lot of people need to learn the phrase : "Common sense is not so common".

These days it could be considered a super power.

Funny how people don't hire super heroes. They're just expected to use their powers for good 'just because' and get nothing out of it but a grateful society.

And people wonder why these super powers don't arise very often.

Re:Oh noes! (0)

Anonymous Coward | more than 4 years ago | (#33306076)

A lot of people need to learn the phrase : "Common sense is not so common".

These days it could be considered a super power.

Sadly, no. A lot of people have learned a lot of phrases, without understanding their meaning.

Perhaps we will find the spectacle of a lot of people with no common sense repeating the phrase "Common sense is not so common" amusing.

Re:Oh noes! (0)

Anonymous Coward | more than 4 years ago | (#33305664)

i saw u type that

how can we trust (1, Insightful)

TheRecklessWanderer (929556) | more than 4 years ago | (#33304666)

How can you trust someone who finds a big bug, but won't say exactly what it is, and has a miraculous cure for it?

What a load of crap. On the other hand, I have found a virus that will immediately destroy your computer if you don't send me 1 million dollars.

Re:how can we trust (1)

by (1706743) (1706744) | more than 4 years ago | (#33304724)

How can you trust someone who finds a big bug, but won't say exactly what it is, and has a miraculous cure for it?

Same way you can trust me! Speaking of which, can I interest you in some snake oil?

Re:how can we trust (1)

0racle (667029) | more than 4 years ago | (#33304750)

What miracle fix?

Re:how can we trust (1)

valeo.de (1853046) | more than 4 years ago | (#33306512)

Perhaps this guy is giving the companies that develop these applications adequate time to patch them, before telling the world which ones are vulnerable? It's not like it'd be the first time where something like this has happened.

News at 11. (-1, Redundant)

Anonymous Coward | more than 4 years ago | (#33304730)

Windows has a security flaw!!!!!!!!

Next thing you're going to tell me is that water is wet.

Honestly, who is surprised to hear something like this? When has Windows *not* been vulnerable to some kind of critical exploit?

He tweeted... (5, Funny)

MrMe (172559) | more than 4 years ago | (#33304766)

'The cat is out of the bag, this issue affects about 40 different apps, including the Windows shell,'

That sounds really bad!

'The cat is out of the bag, this issue affects about 40 different apps, including the Windows shell,' he tweeted

Oh, doesn't seem so bad now...

Re:He tweeted... (2, Informative)

goofyspouse (817551) | more than 4 years ago | (#33304958)

Mod parent up. Anyone who tweets anything is not worthy of being taken seriously.

Re:He tweeted... (3, Funny)

clone53421 (1310749) | more than 4 years ago | (#33305344)

@goofyspouse (817551): mind if I re-tweet this?

Only 40? (1)

gmuslera (3436) | more than 4 years ago | (#33304818)

Either Windows has several orders fewer apps than I think, or it is the safest operating system on earth (OK, or something is missing in that formulation, like the 40 being in millions, or just counting the apps included by default).

One Word ( Repost ): ( +4, Informative) (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#33304868)

Botnets !

Yours In Vladivostok,
Kilgore Trout.

Shared Objects / Dynamically Linked Libraries (4, Interesting)

VGPowerlord (621254) | more than 4 years ago | (#33305008)

I was under the impression that very few Windows applications were statically compiled... so why can't this just be updated in whatever shared object it uses again?

I know he says

There may be fixes that can be applied at the OS level, but these are likely to break existing applications.

but what and why?

Re:Shared Objects / Dynamically Linked Libraries (2)

Monkeedude1212 (1560403) | more than 4 years ago | (#33305240)

I agree - a remedial patch SHOULDN'T break the existing applications (and if Microsoft applied it, that would just give the vendors pressure to update their apps! What a role reversal, anyways) - but in case you haven't noticed, a lot of Microsoft's "Fixes" actually "break" functioning operations.

All in the name of security.

Re:Shared Objects / Dynamically Linked Libraries (1)

cbhacking (979169) | more than 4 years ago | (#33305654)

Even the safest APIs can be used stupidly. If the library code is correct but people are calling it in an unsafe manner, there's not a lot that can be done about that. Making changes to library code also requires an immense amount of regression testing. Some programs may be using an API unsafely, but in a non-attacker-controllable manner; those programs may technically have bugs but they run correctly (and securely) now, and if the library code were changed to prevent whatever they're doing those programs would break down.

Re:Shared Objects / Dynamically Linked Libraries (2, Informative)

amorsen (7485) | more than 4 years ago | (#33306002)

I was under the impression that very few Windows applications were statically compiled... so why can't this just be updated in whatever shared object it uses again?

Because to avoid dependency hell and to compensate for the lack of package management, Windows applications come with private copies of the DLLs they need. If a flaw hits a common library like a JPEG parser you have to go through the file system looking for vulnerable versions and hope all the versions you have installed have fixes available. Or just wait till each application vendor gets around to issuing a patch for their particular application.
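The file-system sweep described in the comment above, sketched as an added example (not code from the thread or from any vendor): it finds every private copy of one library under a root directory, groups the copies by SHA-256, and lists those that do not match a known-fixed build. The library name `jpeglib.dll`, the demo tree and the "fixed" hash are constructed for illustration.

```python
import hashlib
import os
import tempfile
from collections import defaultdict


def sha256_of(path, chunk=65536):
    """Hash a file in chunks so large DLLs need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def inventory_dlls(root, library_name):
    """Return {sha256: [paths]} for every copy of library_name under root."""
    wanted = library_name.lower()  # Windows file names are case-insensitive
    copies = defaultdict(list)
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() != wanted:
                continue
            path = os.path.join(folder, name)
            try:
                copies[sha256_of(path)].append(path)
            except OSError:
                # Locked or unreadable: keep it listed so it is not missed.
                copies["unreadable"].append(path)
    return {digest: sorted(paths) for digest, paths in copies.items()}


def unpatched_copies(copies, fixed_hashes):
    """Paths whose hash is not one of the known-fixed builds."""
    return sorted(path for digest, paths in copies.items()
                  if digest not in fixed_hashes for path in paths)


def build_demo_tree():
    """Constructed sample: three apps, each with a private jpeglib.dll."""
    root = tempfile.mkdtemp(prefix="dll_inventory_")
    layout = {"AppA/jpeglib.dll": b"old build", "AppB/bin/JPEGLIB.DLL": b"old build",
              "AppC/jpeglib.dll": b"fixed build", "AppC/other.dll": b"unrelated"}
    for rel, content in layout.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as handle:
            handle.write(content)
    return root
```

On a real machine the set of fixed hashes would come from the library vendor's patched releases; anything outside that set still depends on its application vendor shipping an update.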

Re:Shared Objects / Dynamically Linked Libraries (1)

21mhz (443080) | more than 4 years ago | (#33306362)

Right on. The side-by-side DLL installation technique has been available for a while in Windows, but the idea has yet to dawn on many application vendors to use it.

Well.. (1)

coppro (1143801) | more than 4 years ago | (#33305270)

Need your computer hacked? There's an app for that.

And I care about this why? (0, Flamebait)

bradbury (33372) | more than 4 years ago | (#33305300)

Oh, wait, I forgot, there is not a slashdot/gmail filter that falls under the heading of "I'm still stupid enough to run windows being the case in point of a virus ridden insecure operating system because it isn't open sourced."

Google has managed to get it right. Only show people news (or advertisements) with significant relevance to the viewer. I'm sorry, I've used Unix since 1974, and although there was a brief period of time when I engaged with Windows in the mid-to-late '90s, I'm now back with Linux.

What was it that Forrest once said... Stupid is as stupid does.

Please report on whether the vulnerabilities might perhaps impact programs typically run under Linux. I run almost entirely open source but that does not mean that could be immune to exploits. Simply means we can resolve them much faster.

Re:And I care about this why? (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#33305588)

How does that cock in your ass feel?

Each affected program will have to be patched sepa (1)

ciggieposeur (715798) | more than 4 years ago | (#33305564)

"Each affected program will have to be patched separately."

And this is why Linux package managers that know how to handle shared library dependencies are better than one-click installers that bring along their own versions of the libraries.

how do we check for all remotely loaded DLL loads (1)

Locutus (9039) | more than 4 years ago | (#33305804)

to enable by default, remote/network based DLLs to automatically be loaded, and then call this a bug in the applications which do basic DLL loading, methinks something fishy is going on. Is there a way to watch for any and all DLLs loading from outside of the local machine? I'd like to see who might be feeding their application DLLs over the interweb. Legit or not, this sounds like an OS flaw when just loading a data file allows the application processing the data file to suck in DLLs from the location where the data file resided. If the application loaded from that remote location then fine, but we are talking about content, not application code. Sure sounds fishy.

LoB
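One way to watch for what the comment above asks about, as an added example that is not part of the original thread: filter image-load records for modules that a locally installed program pulled from a network path. The records are constructed; their field names follow Sysmon's Event ID 7 (`Image`, `ImageLoaded`), and the list of mapped drive letters is an assumption the caller has to supply.

```python
import ntpath

# Constructed image-load records (process image, loaded module); the field
# names follow Sysmon's Event ID 7, the values are made up for this example.
SAMPLE_EVENTS = [
    {"Image": r"C:\Program Files\Player\player.exe",
     "ImageLoaded": r"C:\Windows\System32\version.dll"},
    {"Image": r"C:\Program Files\Player\player.exe",
     "ImageLoaded": r"\\fileserver\media\album\codec.dll"},
    {"Image": r"C:\Program Files\Viewer\viewer.exe",
     "ImageLoaded": r"\\?\UNC\fileserver\docs\helper.dll"},
    {"Image": r"C:\Program Files\Viewer\viewer.exe",
     "ImageLoaded": r"Z:\projects\plugin.dll"},
    {"Image": r"\\fileserver\tools\tool.exe",
     "ImageLoaded": r"\\fileserver\tools\tool_support.dll"},
]


def origin(path, mapped_drives=()):
    """Classify a Windows path as 'network' or 'local'.

    mapped_drives lists drive letters known to be network mappings; the
    path alone cannot reveal that, so the caller must supply them.
    """
    p = path.replace("/", "\\")
    if p.lower().startswith("\\\\?\\unc\\"):
        return "network"
    if p.startswith(("\\\\?\\", "\\\\.\\")):  # \\?\C:\... is a local long path
        p = p[4:]
    if p.startswith("\\\\"):
        return "network"
    drive = ntpath.splitdrive(p)[0].rstrip(":").upper()
    return "network" if drive in {d.upper() for d in mapped_drives} else "local"


def remote_dll_loads(events, mapped_drives=()):
    """Return (program, module path) pairs where a locally installed program
    loaded a module from a network location. Programs that themselves run
    from the network are skipped, the case the comment above calls fine."""
    hits = []
    for event in events:
        if origin(event["Image"], mapped_drives) == "network":
            continue
        if origin(event["ImageLoaded"], mapped_drives) == "network":
            hits.append((ntpath.basename(event["Image"]), event["ImageLoaded"]))
    return hits
```

Without the mapped-drive list, the `Z:\projects\plugin.dll` load is treated as local, so the result is only as complete as that list.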
