New Zero-Day Vulnerability In Windows

Posted by Zonk on Sat Nov 04, 2006 11:44 PM
from the worst-day-of-the-week dept.
Jimmy T writes "Microsoft and Secunia are warning about the discovery of a new 'Zero-day' vulnerability affecting all Microsoft based operating systems except Windows 2003. Both companies state that the vulnerability is currently being exploited by malicious websites. One attack vector is through Internet Explorer 6/7 — so be aware where you surf to."
  • Just curious (Score:3, Insightful)

    by realmolo (574068) on Saturday November 04 2006, @11:49PM (#16721731)
    Seems there is always a new "zero day" exploit for Windows. Most times, the exploit can be activated simply by visiting a webpage that has been crafted to take advantage of it.

    Does anyone actually know anyone that has been affected by any of these exploits? Seems to me that the odds of actually visiting a site that "runs" the exploit are incredibly low.

    • Re: (Score:3, Insightful)

      The odds depend entirely on you.

      The attack vector is a link to the bogus page. Now, how do you get a link to a user and make him click? Usually this is done either by email (click here for big boobs or fat cash) or on a webpage (same).

      In the meantime, you can also have it on a banner, where the one wanting to infect you buys ad space on a ... let's say less prestigious page of our beloved web. Usually also pages that promise big boobs, fat cash or free software.

      Well, technically, you get free software...
      • The odds also depend on time. Because as with every vulnerability, it only gets worse over time: more bad guys become aware of how to exploit it, methods of exploitation become more reliable, etc.
      • I've been clicking on your link for big boobs, and nothing is happening. What's going on here?
    • ...is also the most impractical. What you do is just never network the Windows box in the first place. No internet, no intranet--nothing. If you use Windows exclusively, then this isn't really an option. You're going to want to get online eventually. But if you're double booting and running Windows for rendering applications, non-multiplayer games, office suites or whatever else that doesn't require connectivity, then you'll be fine.
      • Re: (Score:3, Insightful)

        No, this problem only affects computers with browsers that support ActiveX. That's why W2K3 isn't affected because IE is configured to be virtually "text only"

        Have you seen the 'mitigating factors' from the MS advisory? They're hilarious:

        In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to

  • I've been looking at porn all night.. it is Saturday, you know!.... jeeze.. I better start scanning my machine now (or stop looking at porn) .... (or reload my machine).
  • "Trusted" Websites (Score:3, Insightful)

    by TheStonepedo (885845) on Saturday November 04 2006, @11:54PM (#16721773) Homepage Journal
    For all of the shortcomings of IE, Microsoft does attempt to cover its ass to some degree. There are settings in IE which decide which goodies (javascript, (un)signed activex controls, etc.) can be run from which websites. When installing Server 2003, just about everything is out-of-bounds in the default IE. If Microsoft would advocate such tight controls by default on all Windows distributions, or even publish its own list of trusted 3rd-party sites, risks could be reduced. The malicious folks who take advantage of zero day exploits tend to be in the seedier parts of the tubes anyway.
    • Re: (Score:3, Insightful)

      And if MS published such a whitelist so many of Slashdot's readers would get up in arms about leveraging their monopoly and various other terms they don't really understand. That said, it really isn't Microsoft's place or duty to police the internet and say what is and is not safe.
  • Or is it only via IE.

    What other ways can this exploit be triggered?

    • It's the forever plague of the ActiveX vulnerabilities (though semi-indirectly in this case). So Firefox is safe. Anything that uses XMLHTTP control in a way that it could get arbitrary inputs is vulnerable. In other words, Internet Explorer, anything that uses MSHTML straight to connect to random web sites (it's safe if it's only trusted web sites), so that includes Outlook, etc. That's about it. But that's too much for my taste.
        • by Shados (741919) on Sunday November 05 2006, @12:37AM (#16722023)
          Yes and no. This flaw is specific to XMLHTTP, which is kind of developed independently. You also can use XMLHTTP without using IE at all, that's why I say it's independent. It's probably a buffer overflow, and not much to do about it in this case. So yes IE7 has a flaw, but there really isn't anything they could do in the current context. -HOWEVER-, while IE7 is more secure than IE6 in a million ways, the WinXP version is nothing but a shadow of the real thing. The sandboxed IE7 is on Vista only, and I'm pretty damn sure this vulnerability is not an issue there. Anyway, so it's more semantic here, but you could say "yes, IE7 has a vulnerability". However, it's a little bit like if there was a vulnerability in KDELIB across the board...obviously that would touch Konqueror, no matter how secure Konqueror itself is... Can't excuse that one though. IE7 on XP is far, far from secure. More secure, but not secure.
        • Re: (Score:3, Informative)

          Only by virtue of Microsoft's attempt to provide backward compatibility for AJAX sites developed for older versions of IE.

          Prior to IE7, the XMLHTTP object, used to retrieve data from external sources without full-page reloads, was provided by an external ActiveX control. With IE7, Microsoft has implemented XMLHTTP natively in-browser, rendering the ActiveX control unnecessary -- however, it's still possible for older sites which haven't yet been rewritten to take advantage of native XMLHTTP support to load
  • What is so hard about the concept of a program that can go out to the Internet, look at what is there and renders it for me. WITH NO WAY TO CHANGE ANYTHING ON MY COMPUTER.

    Is that so much to ask for, of ANY browser?

      • Actually, it might make sense to take the caching functions out of the web browser, maybe even out of client machines entirely, in favor of network appliances. That would allow you to have very secure, locked-down browsers, while still doing caching.

        I've always been surprised that Linksys or one of the other network-box companies hasn't put together an easy to use "web accelerator" caching proxy. I suppose it's because it would be too hard to explain to a lot of people (the kind of people who don't grok th
  • and I write buggy software. I am by no means a MS basher, but the security advisory that they have put out reads like an endless stream of lame excuses.

    It may very well be that stupid users or badly configured systems allow these exploits to thrive but FFS Microsoft just admit that you are actually at least partially to blame.

    As long as they fail to realise that they are not gods and do actually write buggy software, what hope is there that they will ever succeed in producing something secure?
  • by flyingfsck (986395) on Sunday November 05 2006, @03:40AM (#16722879)
    From Secunia, the vulnerable versions are:
    Microsoft Windows 2000 Advanced Server
    Microsoft Windows 2000 Datacenter Server
    Microsoft Windows 2000 Professional
    Microsoft Windows 2000 Server
    Microsoft Windows Server 2003 Datacenter Edition
    Microsoft Windows Server 2003 Enterprise Edition
    Microsoft Windows Server 2003 Standard Edition
    Microsoft Windows Server 2003 Web Edition
    Microsoft Windows XP Home Edition
    Microsoft Windows XP Professional
    • It's sad when you think that Windows 2003 is a better desktop OS than Windows XP...a bit pricey for a desktop, too =P
    • http://www.google.com/trends?q=linux%2Cwindows&ctab=0&geo=all&date=all [google.com]

      there's no trend here. windows searches are decreasing also.

      • As a sexy nerd-girl once said,

              Lay off the caffeine, dog. Now you're seeing things. There ain't no such thing as a sexy nerd girl. There are plenty of sexy girls (directly proportional to the amount of beer you've had), and there are some nerd girls. But sexy nerd girls? No way, unless you are really wasted.
        • But sexy nerd girls? No way, unless you are really wasted.

          It's funny because the other week I was waiting at the supermarket checkout behind three of the ugliest women I have seen in a long time. Not offensive, just not ... very ... attractive.

          Their credit card transaction was going through. One of them appeared to be entranced by the flickering lights of the network gear embedded behind the register. She turned to one of her friends and said I think the hourly transfer is about to run...ah there it is.