MS Virtual PC Flaw Defeats Windows Defenses 141
Coop's Troops writes "An exploit writer at Core Security Technologies has discovered a serious vulnerability that exposes users of Microsoft's Virtual PC virtualization software to malicious hacker attacks. The vulnerability, which is unpatched, essentially allows an attacker to bypass several major security mitigations — DEP, SafeSEH and ASLR — to exploit the Windows operating system. As a result, some applications with bugs that are not exploitable when running in a not-virtualized operating system are rendered exploitable if running within a guest OS in Virtual PC."
Which only goes to show, it's always something (Score:1, Insightful)
If you want security, unplug the 'net. You ain't gonna get it any other way.
This gets me every time (Score:4, Insightful)
So how many months do you need to review once you are told about it???
Re:Linux (Score:5, Insightful)
Every time I read an article like this, it gives me a smug face wondering why more people don't switch.
Swtch to what, VMware or Parallels?
Re:Linux (Score:5, Insightful)
Re:This gets me every time (Score:2, Insightful)
The moment they put out a patch that breaks anything, or makes things worse the uproar will be greater. Its also amazing how it will work find in say, the spanish version, but not on the chinese versions. So many things and so many different products.
How many people even use VirtualPC/XP mode anyway? (Score:5, Insightful)
I'm not surprised that MS shrugged it off for now.
Re:This gets me every time (Score:5, Insightful)
Let's play devil's advocate:
MS has quite a lot of competing agendas: ...
- keep backwards compatibility, v1. That means a bunch a old APIs, services, apps... Not only was security not much of a concern back when those were written, but any change in the environment risks unveiling new vulns. These pooor guys are actually supposed to maintain IE 6, IE7, and IE 8.
- keep backwards compatibility, v2. MS can't really change the security model or the way they expose it without, again, breaking apps. Since NT, Windows's security model is not bad. But MS can't really implement it fully (no apps changing system-wide ressources, no writing outside of a handful of approved dirs...) without, again, breaking apps.
- add features
- maintain an incredibly wide array of software. MS = Oracle + Linux+ php + Apache + OOo + Firefox +
So yes, I really hate the pain that managing MS systems is. I, and they, know they could make things better by breaking a lot of apps. They choose not to... prolly because their customers want them not to. I can understand that.
Re:Ugh, this isn't good. (Score:5, Insightful)
If someone is using VirtualPC for a honeypot, they are an idiot.
The idea of a honeypot is that it is indistinguishable from "the real thing."
That this flaw even exists means it is identifiable as a virtual machine.
Re:This gets me every time (Score:3, Insightful)
Re:Linux (Score:3, Insightful)
It's a matter of priorities. Do I want to a) fight Windows security and have the apps I want, b) ignore security and have the apps I want, or c) have security, but have to learn some other app, or maybe do without that app.
The whole point of having a computer is to run the programs you want to run. If you're going to have to "do without", you might as well unplug the damn thing (thereby achieving perfect security).
Re:This gets me every time (Score:3, Insightful)
then with windows vista why didn't MSFT include an XP mode, than ran in it's own self contained section while using the higher security of a modern OS?
Windows 7 Professional/Ultimate includes exactly that. But it's implemented using Virtual PC, which is where this flaw was discovered.
Re:Ugh, this isn't good. (Score:4, Insightful)
A lot of people considered that to be all sorts of bullshit because Intel uses their VT feature to differentiate product lines; I.E., moderately priced business desktops don't support XP mode.
Moral: if you're looking for something modestly priced, go with AMD processors. Not only are they cheaper, but nearly all the ones you can find today support virtualization.
Re:Linux (Score:1, Insightful)