This looks like fun: fundamental security flaw in Windows that cannot be patched

  • This looks like fun: fundamental security flaw in Windows that cannot be patched

    "Unfixable" flaw breaks Microsoft's Windows

    The flaw is part of the fundamental design of the Windows operating system. It is contained within the mechanism that controls the flow of messages between different windows on the desktop. This is called the Win32 API and has remained unchanged since 1993.

    Critically, the Win32 API system does not authenticate the messages, so cannot distinguish messages from malicious or legitimate sources. This allowed Paget to select a window with the highest privileges and surreptitiously embed a malicious piece of code. When executed, the code would increase his user privileges to the maximum given to that window.
    So what's the latest news on this? Has anything been done about it?
    (\__/) 07/07/1937 - Never forget
    (='.'=) "Claims demand evidence; extraordinary claims demand extraordinary evidence." -- Carl Sagan
    (")_(") "Starting the fire from within."
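
A minimal model of the design issue the quoted article describes, added here as an example; it is not code from the article, the thread, or Windows. All type and function names are hypothetical, and the sender check is modelled on the integrity-level filtering that later Windows versions apply to window messages.

```c
#include <stdio.h>

/* Constructed model of a desktop message bus; none of these names are Win32 APIs. */
typedef enum { LEVEL_USER = 1, LEVEL_SYSTEM = 2 } level_t;

typedef struct {
    int     id;      /* message type */
    long    param;   /* payload chosen by the sender */
    level_t sender;  /* stamped by the dispatcher, never by the sender */
} msg_t;

typedef struct {
    level_t owner;   /* privilege of the process that owns the window */
    long    setting; /* state the window changes when told to */
} window_t;

enum { MSG_SET = 1, DROPPED = -1, HANDLED = 0 };

/* Window procedure: acts on whatever message it is handed. */
static int window_proc(window_t *w, const msg_t *m) {
    if (m->id == MSG_SET) w->setting = m->param;
    return HANDLED;
}

/* Unauthenticated delivery: the sender's level is never consulted. */
int deliver_unchecked(window_t *w, const msg_t *m) {
    return window_proc(w, m);
}

/* Checked delivery: refuse messages that cross upward in privilege. */
int deliver_checked(window_t *w, const msg_t *m) {
    if (m->sender < w->owner) return DROPPED;
    return window_proc(w, m);
}

/* Send one low-privilege message to a SYSTEM-owned window; return its state. */
long setting_after(int (*deliver)(window_t *, const msg_t *)) {
    window_t service = { LEVEL_SYSTEM, 0 };
    msg_t from_user = { MSG_SET, 1337, LEVEL_USER };  /* constructed sample message */
    deliver(&service, &from_user);
    return service.setting;
}

int main(void) {
    printf("unchecked: %ld\n", setting_after(deliver_unchecked));
    printf("checked:   %ld\n", setting_after(deliver_checked));
    return 0;
}
```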

  • #2
    Why can I only foresee an argument breaking out over this thread, as opposed to intelligent discussion?
    "Paul Hanson, you should give Gibraltar back to the Spanish" - Paiktis, dramatically over-estimating my influence in diplomatic circles.

    Eyewerks - you know you want to visit. No really, you do. Go on, click me.


    • #3
      *sits and waits for Asher*
      "Love the earth and sun and animals, despise riches, give alms to every one that asks, stand up for the stupid and crazy, devote your income and labor to others, hate tyrants, argue not concerning God, have patience and indulgence toward the people, take off your hat to nothing known or unknown . . . reexamine all you have been told at school or church or in any book, dismiss whatever insults your own soul, and your very flesh shall be a great poem and have the richest fluency" - Walt Whitman


      • #4
        *Decides to leave before Asher even arrives*
        "Paul Hanson, you should give Gibraltar back to the Spanish" - Paiktis, dramatically over-estimating my influence in diplomatic circles.

        Eyewerks - you know you want to visit. No really, you do. Go on, click me.


        • #5
          Win32 is obsolete and is deprecated.
          "The issue is there are still many people out there that use religion as a crutch for bigotry and hate. Like Ben."
          Ben Kenobi: "That means I'm doing something right. "


          • #6
            And there you have it.
            Life is not measured by the number of breaths you take, but by the moments that take your breath away.
            "Hating America is something best left to Mobius. He is an expert Yank hater.
            He also hates Texans and Australians, he does diversify." ~ Braindead


            • #7
              And the article is a bit misleading as to how serious this really is.

              • On XP, most users log in as Administrators anyway. So what's the point of an exploit that lets you run code as an administrator when users run it like that intentionally most of the time?
              • LocalSystem is far less useful than they imply - LocalSystem is a typical account that can also pretend to be run from other accounts on a thread-by-thread or whole process basis. Even so, this requires a username/password for said accounts.

              They also don't mention that this is a common "flaw" in OSes, including Linux.

              For example:
              make a copy of a shell program (e.g. csh, bash, sh, ksh, whatever) in your user area. Write some code that figures out where the inode table (which is usually cached in RAM) entry for that file resides in memory. Trap into a debugger, and set the suid root bit for that file. Resume the operating system. Run the shell - you now have a command prompt with root privileges.
            "The issue is there are still many people out there that use religion as a crutch for bigotry and hate. Like Ben."
            Ben Kenobi: "That means I'm doing something right. "


            • #8
              On XP, most users log in as Administrators anyway. So what's the point of an exploit that lets you run code as an administrator when users run it like that intentionally most of the time?

              Do they do that in corporate environments?
              Blog | Civ2 Scenario League | leo.petr at gmail.com


              • #9
                On XP, most users log in as Administrators anyway. So what's the point of an exploit that lets you run code as an administrator when users run it like that intentionally most of the time?


                i don't think most people realize they are running it as an administrator. after all, when they run setup, they see an "administrator" account, and then it asks for their name.

                most people probably don't realize they have all the power of a superuser...
                B♭3


                • #10
                  Huh? Who do they think has that power then?
                  Blog | Civ2 Scenario League | leo.petr at gmail.com


                  • #11
                    they may not realize such power exists, st leo. not to downplay the intelligence of the average computer user, but i've found that while working in tech support, most users have no idea that their default windows account has administrator privileges. things install for them, and that's all they care about. they naturally don't know how to use "services" or "computer management", nor do they often bother with "internet options", "control panel", and the like--which are all accessible on the default named account.
                    B♭3


                    • #12
                      Believe me, most people, including and especially my wife, should not have administrator privileges on any computer.
                      Only feebs vote.


                      • #13
                        Originally posted by St Leo
                        On XP, most users log in as Administrators anyway. So what's the point of an exploit that lets you run code as an administrator when users run it like that intentionally most of the time?

                        Do they do that in corporate environments?
                        Yes. However, they are "administrators" on their own boxes only with that logon. They are not administrators on remote boxes or on NT/2k domains unless granted those privileges separately in the appropriate places.
                        When all else fails, blame brown people. | Hire a teen, while they still know it all. | Trump-Palin 2016. "You're fired." "I quit."


                        • #14
                          The reason XP defaults new accounts to administrator is for ease of use considerations.

                          Most games and applications when XP launched required administrator privileges to install because of how Win9x was designed. It'd be a huge pain in the ass (and confusing) for most people to have it tell you that you need an Administrator account to install a simple game.

                          Most games and apps out right now are properly configured and install on a per-user basis rather than per-system, so they do not require administrator accounts.

                          In Longhorn, not only will a limited account be the default, but .NET apps will more than likely far outnumber old Win32 apps.
                          "The issue is there are still many people out there that use religion as a crutch for bigotry and hate. Like Ben."
                          Ben Kenobi: "That means I'm doing something right. "
