.ANI Vulnerability Patch Breaks Applications 164
Jud writes "Microsoft's fix for the .ANI vulnerability was part of Patch Tuesday yesterday. However, all is not well with the update. Reportedly, installing the patch will break applications such as Realtek HD Audio Control Panel and CD-Tag, which mentions they are affected by the problem on their main page. A hotfix is currently available from Microsoft, however their current position is this is an isolated problem and the fix is not planned to be pushed out through Microsoft Update. "
Re:Hehe (Score:5, Interesting)
Re:he (Score:3, Interesting)
You simply have to be careful with the address space if you are a library that will be dynamically loaded in plenty of images, especially if you are loaded very early on.
(Heh, last summer, I got the genius idea that the base addresses were probably not optimal after all hotfixes and 3rd party software, so I started a gigantic rebase on the complete system32. That's a baaaad idea. I should at least have had enough sense to exclude NTOSKRNL, but I obviously didn't. Repair was fun...)
I had the Realtek issue..... (Score:3, Interesting)
So.. If the fix is that simple, is this issue really an issue or is this issue blown out of proportion?
Re:Before all the lame bashing.. (Score:3, Interesting)
Yes, you mightn't need a full development environment inside of your word processor or web browser, but they didn't spend time and energy putting those features in there for nothing. Someone determined that the bloat would make them more money...based on their revenue stream, I'm going to say that they were right.
Re:Before all the lame bashing.. (Score:4, Interesting)
Uh, several of our enterprise webapps used animated cursors to let the user know that something is being processed. Maybe to a clueless geek user feedback is a useless feature, but to anyone who knows about UI design it is a requirement. The real sin with this patch is that this bug was already patched TWO years ago, but they meerly patched the codepath for the known vulnerability and left it at that, they did not look at the actual cause of the problem and so we have the same vulnerability with a twist come out two years later.
Re:Hehe (Score:4, Interesting)
I have a fairly new Dell XPS600 (1 year old) and the update borked my machine due to the realtek program. I got some obscure message about how rtdcpl.exe was performing an illegal access trying to move some OCX DLL.
I was able to solve the problem by Google Searching and installing the MS hotfix. The only problem now is that "hotfix" makes it so I have to wait about 1 minute longer after I log in before I can access the internet. I used to be able to pop-up IE right away and surf but now if I do that, I get the error page for site not found for about 1 minute before things start working normally.
I don't know how isolated it can be since Dell alone has sold millions of PC's with realtek audio chipsets.
big program breaking (Score:2, Interesting)
A big ha-ha to vendors using animated cursors (Score:3, Interesting)
Reminds me of when I bought a little FM radio controlled by a serial link. The crapplet they sent on the CD-ROM was so annoying, the first thing I did was sniff the serial protocol and write my own little non-obtrusive applet. I asked the manufacturer for the proto specs first, but they delined, even after I pointed out how easy it was going to be to reverse engineer them... idiots!
Never thought I'd write something like this, but kudos to MS for saying we're not going to work around your crappy little app.
</rant>
Was the DLL base address ALL they changed!? (Score:3, Interesting)
You see, moving where a DLL is stored in memory might break the proof of concept, but it might not actually fix the vulnerability. Sure, the code it hooked into before in order to hack the machine won't be in the same place, but it might well be possible to fix the exploit to point to the code's new location.
In short, I wonder if they're playing tricks to make it more difficult to exploit without actually fixing the underlying problem?
MMC crash after patch on 2003 servers (Score:1, Interesting)
m10