Windows XP SP2 breached
  • Windows XP SP2 breached

    Blurb:

    In October 2004 it was discovered by the MaxPatrol team that it is possible to defeat Microsoft® Windows® XP SP2 Heap protection and Data Execution Prevention mechanism. As a result it is possible to implement:
    1. Arbitrary memory region write access (smaller or equal to 1016 bytes)
    2. Arbitrary code execution
    3. DEP bypass.
    Big ouch. Big big ouch. Back to the drawing board.
    (\__/) 07/07/1937 - Never forget
    (='.'=) "Claims demand evidence; extraordinary claims demand extraordinary evidence." -- Carl Sagan
    (")_(") "Starting the fire from within."

  • #2
    What? Again?

    Windows XP is like that ugly girl at the pub which everyone's nailed.
    Only feebs vote.



    • #3
      Actually it'd be the super-hot girl, because everyone is gunning for her.
      “I give you a new commandment, that you love one another. Just as I have loved you, you also should love one another. By this everyone will know that you are my disciples, if you have love for one another.”
      - John 13:34-35 (NRSV)



      • #4
        Originally posted by Agathon
        What? Again?

        Windows XP is like that ugly girl at the pub which everyone's nailed.
        The rest of the world calls them sheep, Agathon.
        Some cry `Allah O Akbar` in the street. And some carry Allah in their heart.
        "The CIA does nothing, says nothing, allows nothing, unless its own interests are served. They are the biggest assembly of liars and thieves this country ever put under one roof and they are an abomination" Deputy COS (Intel) US Army 1981-84



        • #5
          Actually, only the stack protection has been "breached", and only on systems without NX/XD instructions (Athlon 64s, new Pentium 4s). NX/XD-supporting systems stop these cold.
          "The issue is there are still many people out there that use religion as a crutch for bigotry and hate. Like Ben."
          Ben Kenobi: "That means I'm doing something right. "



          • #6
            Since I'm not entirely confident you even know what NX/XD is, here's that site's blurb:
            On the 64-bit AMD K8 and Intel Itanium processor families, the CPU hardware can mark memory with an attribute that indicates that code should not be executed from that memory. This execution protection (NX) feature functions on a per-virtual memory page basis, most often changing a bit in the page table entry to mark the memory page.



            On these processors, Windows XP Service Pack 2 uses the execution protection feature to prevent the execution of code from data pages. When an attempt is made to run code from a marked data page, the processor hardware raises an exception immediately and prevents the code from executing. This prevents attackers from overrunning a data buffer with code and then executing the code; it would have stopped the Blaster worm dead in its tracks.

            Although the support for this feature is currently limited to 64-bit processors, Microsoft expects future 32-bit and 64-bit processors to provide execution protection.
            "The issue is there are still many people out there that use religion as a crutch for bigotry and hate. Like Ben."
            Ben Kenobi: "That means I'm doing something right. "

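            Added example, not from the thread or from Microsoft's documentation: the per-page execution protection the blurb describes, demonstrated on Linux with the POSIX mmap/mprotect API as a stand-in for the Windows page-table flags the post mentions. It assumes NX-capable x86 or AArch64 hardware; the function name and the two-state layout are this example's own.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf recover;

/* An instruction fetch from a page whose page-table entry has the no-execute
 * bit set faults; the kernel delivers SIGSEGV and we jump back to the caller. */
static void on_segv(int sig) { (void)sig; siglongjmp(recover, 1); }
/* Machine code for a bare "return" instruction (x86 and AArch64 encodings). */
#if defined(__x86_64__) || defined(__i386__)
static const unsigned char ret_insn[] = { 0xC3 };
#elif defined(__aarch64__)
static const unsigned char ret_insn[] = { 0xC0, 0x03, 0x5F, 0xD6 };
#endif
/* Write a one-instruction function into a fresh page and call it. executable == 0
 * leaves the page read/write (a data page, like an overrun buffer); 1 marks it
 * read/execute like real code. Returns 1 if the call ran, 0 if refused, -1 on error. */
int execute_from_page(int executable) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *page = mmap(NULL, len, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -1;
    memcpy(page, ret_insn, sizeof ret_insn);
    if (executable) {  /* flip the page's protection: the per-page switch NX relies on */
        if (mprotect(page, len, PROT_READ | PROT_EXEC) != 0) { munmap(page, len); return -1; }
        __builtin___clear_cache((char *)page, (char *)page + sizeof ret_insn);
    }
    struct sigaction sa, old; memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_segv;
    sigaction(SIGSEGV, &sa, &old);
    int ran = 0;
    if (sigsetjmp(recover, 1) == 0) {
        void (*fn)(void); memcpy(&fn, &page, sizeof fn);  /* treat the page as a function */
        fn();                                              /* fetch from it: fault or return */
        ran = 1;
    }
    sigaction(SIGSEGV, &old, NULL);
    munmap(page, len);
    return ran;
}

int main(void) {  /* expected on NX-capable hardware: data page 0, code page 1 */
    printf("data page: %d, code page: %d\n", execute_from_page(0), execute_from_page(1));
    return 0;
}
```

            The first call is what DEP stops: bytes sitting in a writable data page are never fetched as instructions, regardless of what they contain.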


            • #7
              Boo, where'd everyone go?

              Having read the entire PDF now (I'm at work and bored), I have to wonder if anyone else who is making claims like "SP2 Breached" actually read it.

              In addition to only affecting systems without NX/XD support ("software" DEP/"sandboxing" instead of "hardware"), it'll also require an exploitable memory error in a system component (there are none known right now) that uses a very specific method of heap allocation, including using heap lookaside lists (which are disabled by default).

              In short, . The chances of this being an issue are slim to none, and it's more FUD from the people who claim to hate FUD.

              You'd think the Linux geeks who keep buzzing about this would best spend their time upgrading their linux boxes.

              There were 17 Linux kernel vulnerabilities recently...

              It's front-page news when MS announces a few vulnerabilities, and it slips into obscurity when there's 17 Linux Kernel vulnerabilities recently...
              "The issue is there are still many people out there that use religion as a crutch for bigotry and hate. Like Ben."
              Ben Kenobi: "That means I'm doing something right. "



              • #8
                The Linux people don't have enough money that anyone cares if anything bad happens to them.
                Why can't you be a non-conformist just like everybody else?

                It's no good (from an evolutionary point of view) to have the physique of Tarzan if you have the sex drive of a philosopher. -- Michael Ruse
                The Nedaverse I can accept, but not the Berzaverse. There can only be so many alternate realities. -- Elok



                • #9
                  Originally posted by Asher
                  In addition to only affecting systems without NX/XD support ("software" DEP/"sandboxing" instead of "hardware"), it'll also require an exploitable memory error in a system component (there are none known right now) that uses a very specific method of heap allocation, including using heap lookaside lists (which are disabled by default).
                  The NX support just gives people a false sense of security.

                  Originally posted by Asher
                  In short, . The chances of this being an issue are slim to none, and it's more FUD from the people who claim to hate FUD.
                  Heard about "smashing the stack" before? Buffer overruns are the single most critical thing to guard against. I wonder why the resident MS fanboy is downplaying this?

                  Originally posted by Asher
                  You'd think the Linux geeks who keep buzzing about this would best spend their time upgrading their linux boxes.
                  The funny thing is, updating to SP2 does little good.

                  Yet what are making the CERT list?

                  Originally posted by Asher
                  It's front-page news when MS announces a few vulnerabilities, and it slips into obscurity when there's 17 Linux Kernel vulnerabilities recently...
                  It's so amusing that MS types are telling us that how Windows is so much more secure than Linux, but even the vaulted SP2 is breached so fast, which enables buffer overruns of all things. "Trustworthy Computing" indeed.

                  Besides, MS failed to announce this, like usual.
                  (\__/) 07/07/1937 - Never forget
                  (='.'=) "Claims demand evidence; extraordinary claims demand extraordinary evidence." -- Carl Sagan
                  (")_(") "Starting the fire from within."



                  • #10
                    Originally posted by Urban Ranger
                    The NX support just gives people a false sense of security.
                    So does using Linux or MacOS X, or anything where people tell you you need not worry about viruses.

                    What's interesting, and what my point was, was that NX/XD does prevent this kind of attack. In fact, this attack just does not work with NX-enabled systems. So saying it gives people a false sense of security is rather irrelevant...

                    Heard about "smashing the stack" before? Buffer overruns are the single most critical thing to guard against. I wonder why the resident MS fanboy is downplaying this?
                    Where am I downplaying buffer overruns?

                    This exploit is possible on only non-NX systems, and only in a tiny fraction of possible buffer overrun exploits. That is my point.

                    And yes, I know about smashing the stack...and I apparently know more about it than you -- this exploit has nothing to do with the stack, it's a heap exploit (specifically when heap lookaside is on).

                    I can also lecture you on dtors, global offset table exploits, polymorphic shellcode, RST hijacking, and FMS attacks if you wish. For all the **** you guys give my university, you need to realize it is the only university with a hacking & virus writing course. I know more about this stuff than you, and more than you think.

                    Yet what are making the CERT list?
                    What point is it that you're trying to make?

                    The Linux kernel has 17 recent security vulnerabilities...some of which are remote, not local. When was the last time we even saw a Windows kernel vulnerability? In fact, that's an exercise up to the reader. Show me the last Windows NT kernel vulnerability...

                    It's so amusing that MS types are telling us that how Windows is so much more secure than Linux, but even the vaulted SP2 is breached so fast, which enables buffer overruns of all things. "Trustworthy Computing" indeed.
                    A system with one remote exploit like any one of the latest 17 Linux kernel vulnerabilities is just as insecure as a system with 150.

                    I don't expect you to understand, you're clearly the Slashdot type who don't know much about the subject. You have a vague high-level understanding, add on your bias and twist and FUD and suddenly it's just pathetic.

                    This issue has such a remote chance of happening that it's rather worthless. It's an incredibly contrived example that it's useless in the real world, and one that will likely be patched soon.
                    "The issue is there are still many people out there that use religion as a crutch for bigotry and hate. Like Ben."
                    Ben Kenobi: "That means I'm doing something right. "



                    • #11
                      Shame on you, UR.
                      "The issue is there are still many people out there that use religion as a crutch for bigotry and hate. Like Ben."
                      Ben Kenobi: "That means I'm doing something right. "



                      • #12
                        Actually it'd be the super-hot girl, because everyone is gunning for her.


                        How little you know of men.
                        Only feebs vote.



                        • #13
                          Originally posted by Asher
                          The Linux kernel has 17 recent security vulnerabilities...some of which are remote, not local. When was the last time we even saw a Windows kernel vulnerability? In fact, that's an exercise up to the reader. Show me the last Windows NT kernel vulnerability...
                          This is a slightly unfair comparison. The WindowsXP kernel has effectively been frozen for -- how long since it came out, three years now? The Linux kernel, specifically the 2.6 kernel, is being continually developed. And the deep hooks between that blasted Internet Explorer and the rest of Windows renders a kernel vulnerability somewhat irrelevant on a Windows box. You hardly need a kernel vulnerability when IE is such a piece of garbage.

                          At least the Linux 2.2 kernel is still actively maintained; if there were any new NT kernel vulnerabilities found, MS wouldn't fix it any more (I literally mean WindowsNT here, as it's fallen out of support. Hell, MS even gives Windows2000 the shaft to an extent, refusing to backport IE6 SP2 to it for instance).

                          That being said, I had to download a complete set of KDE 3.2 packages for Mandrake 10.1 for the fifth time last night, and that distro is barely three months old. Meanwhile the KDE developers are working on a beta of 3.4! Seems to me like they're racing ahead on features too much and neglecting security. And I can't get the latest Mandrake kernel to install either -- the bootloader script is crapping out for some obscure reason (and for which I've gotten no advice in two user forums either).

                          Neither camp is as good as it should be.
                          "If you doubt that an infinite number of monkeys at an infinite number of typewriters would eventually produce the combined works of Shakespeare, consider: it only took 30 billion monkeys and no typewriters." - Unknown



                          • #14
                            Originally posted by optimus2861
                            This is a slightly unfair comparison. The WindowsXP kernel has effectively been frozen for -- how long since it came out, three years now? The Linux kernel, specifically the 2.6 kernel, is being continually developed. And the deep hooks between that blasted Internet Explorer and the rest of Windows renders a kernel vulnerability somewhat irrelevant on a Windows box. You hardly need a kernel vulnerability when IE is such a piece of garbage.
                            Don't use IE.

                            At least the Linux 2.2 kernel is still actively maintained; if there were any new NT kernel vulnerabilities found, MS wouldn't fix it any more (I literally mean WindowsNT here, as it's fallen out of support.
                            Eh? Windows NT 4.0 still gets critical security vulnerabilities patched. The latest was on January 17, 2005...: http://www.computerweekly.com/articl...earch=&nPage=1

                            Support "officially" ended Dec 31, 2004, but critical patches are still being made available.

                            As for it being unfair -- it doesn't really matter. The XP kernel was modified as recently as Windows XP SP2, and the Windows XP kernel is from 2001. Many of the kernel vulnerabilities in my list affect 2.2, which predates Windows XP by over a year.

                            NT4 was launched in, what, 1995/1996? And it's still getting fixes ~10 years later?

                            Apple won't even provide fixes for anything older than a couple years, and I don't know if I've seen a recent Linux 1.x security fix.
                            "The issue is there are still many people out there that use religion as a crutch for bigotry and hate. Like Ben."
                            Ben Kenobi: "That means I'm doing something right. "



                            • #15
                              "The issue is there are still many people out there that use religion as a crutch for bigotry and hate. Like Ben."
                              Ben Kenobi: "That means I'm doing something right. "
