Exploit Released for Unpatched Windows Flaw
woodchuck writes "Washington Post reports that another Windows hole has been found and exploit code is now running loose that makes Swiss cheese of current patches and security measures.
From the article: "Security researchers have released instructions for exploiting a previously unknown security hole in Windows XP and Windows 2003 Web Server with all of the latest patches applied. Anti-virus company Symantec warned of the new exploit, which it said uses a vulnerability in the way Windows computers process certain image files (Windows Meta Files, or those ending in .wmf). Symantec said the exploit is designed to download and run a program from the Web that downloads several malicious files, including tools that attackers could use to control vulnerable computers via IRC.""
Re:Virus company (Score:3, Interesting)
Re:Amazing (Score:2, Interesting)
Re:Other platforms? (Score:3, Interesting)
No kernel problem, but Windows only (Score:4, Interesting)
How/Why does this keep happening (Score:3, Interesting)
program running on my client computer can be
made to execute code? Honestly, I don't really understand
these exploits that supposedly take advantage of
a client buffer overflow (or some such thing) to execute
code on my local machine. What makes the instruction pointer in
the code that is reading (in this case) the wmf file suddenly
jump to code that is in the data segment? (Presumably embedded in
the wmf file itself).
Re:They call hackers researchers now? (Score:3, Interesting)
Crackers are hackers*. You can't crack someone's system without being very skilled in toying with technology (i.e. a hacker).
However, hackers aren't necessarily (or usually) crackers.
*This excludes script kiddies et al, since they don't crack someone's system really. They just run someone else's crack.
I remember the days... (Score:1, Interesting)
I was eating crow shortly thereafter.
I miss the old days.
Breaks thumbnails and Windows Picture Viewer (Score:3, Interesting)
Anyway, losing thumbnails and that program is IMHO a very minor price to pay for not having your machine rooted. So just make sure and warn others before you tell them to use this temporary workaround.
I wonder how long we will have to wait for MS to fix this one? Oh well, more money for me if they don't.
Re:Broadband Reports' Security Forum Thread... (Score:3, Interesting)
I downloaded the wmf file to my desktop, but accidentally double clicked it when I was trying to submit it to Trend Micro.
I closed the connection with TCP View [sysinternals.com], but it took out explorer.exe with it.
This is much worse than potential spyware, this exploit is silent and can easily be used to drop keyloggers, or in my case, it opened up a shell back to the guy I was chatting with.
(btw - I knew it was a trojan when I downloaded it)
Re:No kernel problem, but Windows only (Score:3, Interesting)
(Illustrator CS2 on OS X opens the things just fine.)
Post to Broadband Reports' Thread... (Score:4, Interesting)
There's an excerpt of our chat in that post too.
Re:Why does /. report so much on Windows flaws? (Score:2, Interesting)
Does it affect LUAs? (Score:2, Interesting)
Re:Genius Idiots. (Score:1, Interesting)
It's still wrong though.....
Re:Why does /. report so much on Windows flaws? (Score:3, Interesting)
Re:Genius Idiots. (Score:1, Interesting)
Yes, if you have a posh tech job it may seem easy for someone that smart to just get a job. But you (or, should I say, your company) wouldn't hire him. Your company probably wouldn't care how smart he is--you wouldn't hire him because he's not a US citizen, or because he doesn't have five years of PHP or whatever is the latest buzzword the idiots in HR decided you must have.
People are desperate in those eastern-bloc nations and I can see why they end up making these kinds of tough decisions.
AH, I miss the 90's (Score:4, Interesting)
Oh and those wonderful windows exploits, works, spyware, wild tangent, trojan horses, worms and blue screens. And then, linux. What I never thought I could afford happened. I had a unix at home. It looked just like the real thing. Root easily accessible from your user account to make it workable to split your accounts. Didn't you hate it when in windows if you wanted to install any software no matter how trivial you had to logout and login as admin to do it and the only way to get some work done was to always get admin privileges on every machine?
Nowadays when someone gives me the root password on a unix like machine I always demand a pay raise. It probably means they expect me to fix it in the weekend.
Thank you MS for making me stick with linux. The energy bill had me contemplating scrapping my dual P3 linux desktop and only keep my P4 gaming rig. Windows 2003 is actually pretty stable, now all they got to do is clear the goddamn fucking security holes.
Geez, just a few articles ago people were actually talking about how MS was changing and bam we get the mother of all exploits. The only thing worse would be a worm. This is so easily exploitable. Just make an account on a forum that allows those awful avatar images and bam.
I can't believe the slashdot reader reaction either, first bunch of posts are some insane ramblings about hackers/crackers and the rest have some insane fix that even the most moronic idiot can see is a total failure.
Yes fucktards who suggest that whole unregister crap, because of the way MS has set up its OS many a windows program comes with its own copy of the dll it uses EVEN if it is a copy of a Windows OS dll. To avoid versioning problems it is easier to include it than hope the user OS has the right version.
Do a dupe check of your DLLs in the main Windows directories and where you install your programs sometime. What do you think the chances are they will all be patched? It is a well known problem and in fact one of the reasons the whole dynamic linking idea was so attractive.
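
The dupe check suggested in the comment above, as an added example that is not part of the original thread: it finds every copy of a named DLL under a set of directories and lists the private copies whose contents differ from a patched reference copy. The name `example.dll`, the directory layout and all function names are assumptions made for illustration; the sample tree in `demo()` is constructed.

```python
import hashlib
import os
import tempfile

def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks so large DLLs are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def find_copies(roots, dll_name):
    """Return every file named dll_name (case-insensitive) under the roots."""
    wanted = dll_name.lower()
    hits = []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            hits += [os.path.join(dirpath, f) for f in files if f.lower() == wanted]
    return sorted(hits)

def stale_copies(reference_path, roots, dll_name):
    """Copies whose content differs from the patched reference copy."""
    ref_hash = sha256_of(reference_path)
    stale = []
    for path in find_copies(roots, dll_name):
        try:
            if sha256_of(path) != ref_hash:
                stale.append(path)
        except OSError:
            stale.append(path)  # unreadable: flag for manual review
    return stale

def demo():
    """Constructed sample tree: one patched system copy, two bundled copies."""
    with tempfile.TemporaryDirectory() as top:
        layout = {
            "system/example.dll": b"patched build",        # reference copy
            "apps/viewer/EXAMPLE.DLL": b"old build",       # stale private copy
            "apps/editor/example.dll": b"patched build",   # already current
        }
        for rel, data in layout.items():
            full = os.path.join(top, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as f:
                f.write(data)
        ref = os.path.join(top, "system", "example.dll")
        stale = stale_copies(ref, [top], "example.dll")
        return [os.path.relpath(p, top).replace(os.sep, "/") for p in stale]
```

A differing hash only shows that a copy is not the same build as the reference; check its file version before deciding whether it needs replacing.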