More Windows Security Flaws
-
While listening to CNBC this morning, there was a news blip that Windows had SERIOUS security flaws in ALL of its OS's going back to 1996. While I am sure this is not news to some of you, has anyone run across this story in detail? Got a link to it? So I guess Windows 95, Windows 3.1, and Windows NT 3.5 were secure?! Oh, and so was Bob.
-
While listening to CNBC this morning, there was a news blip that Windows had SERIOUS security flaws in ALL of its OS's going back to 1996. While I am sure this is not news to some of you, has anyone run across this story in detail? Got a link to it? So I guess Windows 95, Windows 3.1, and Windows NT 3.5 were secure?! Oh, and so was Bob.
Nothing is secure. Nothing. The mere existence of something is a security flaw in itself. But some things are more or less probable to break, and Windows happen to be more probable to break than say the US federal gold reserve. Preferred storyline: - I am your father. Search your feelings and you'll know it's the truth. Together we can rule this galaxy like father and son. - Ok dad. Let's kick some butt!
-
While listening to CNBC this morning, there was a news blip that Windows had SERIOUS security flaws in ALL of its OS's going back to 1996. While I am sure this is not news to some of you, has anyone run across this story in detail? Got a link to it? So I guess Windows 95, Windows 3.1, and Windows NT 3.5 were secure?! Oh, and so was Bob.
The Power Switch Tim Smith "Programmers are always surrounded by complexity; we can not avoid it... If our basic tool, the language in which we design and code our programs, is also complicated, the language itself becomes part of the problem rather that part of the solution." Hoare - 1980 ACM Turing Award Lecture
-
While listening to CNBC this morning, there was a news blip that Windows had SERIOUS security flaws in ALL of its OS's going back to 1996. While I am sure this is not news to some of you, has anyone run across this story in detail? Got a link to it? So I guess Windows 95, Windows 3.1, and Windows NT 3.5 were secure?! Oh, and so was Bob.
Sounds like the 'shatter' attack (try google), which is a local root exploit caused by bugs in programs that run in a privileged context but expose windows in user space. It's not really a Windows problem, but for some reason it's been getting a hell of a lot of press recently. -- Eric Move along, nothing to see here.
-
While listening to CNBC this morning, there was a news blip that Windows had SERIOUS security flaws in ALL of its OS's going back to 1996. While I am sure this is not news to some of you, has anyone run across this story in detail? Got a link to it? So I guess Windows 95, Windows 3.1, and Windows NT 3.5 were secure?! Oh, and so was Bob.
-
Nothing is secure. Nothing. The mere existence of something is a security flaw in itself. But some things are more or less probable to break, and Windows happen to be more probable to break than say the US federal gold reserve. Preferred storyline: - I am your father. Search your feelings and you'll know it's the truth. Together we can rule this galaxy like father and son. - Ok dad. Let's kick some butt!
Hopefully security patches are really about securing the system, not about letting MS do whatever they intend to do (don't patches need Admin logon ?):~ ,
And I swallow a small raisin.
-
Hopefully security patches are really about securing the system, not about letting MS do whatever they intend to do (don't patches need Admin logon ?):~ ,
And I swallow a small raisin.
If they managed to ship a virus infected of a korean version of VS.NET (it was korean I believe, but I may be wrong), I'm quite sure it could also happen to say a service pack. StephaneRodriguez wrote: don't patches need Admin logon? Those which modify the system files most likely need admin logon. But you wouldn't need admin logon in order to spread some kind of virus which takes over the whole machine! There are several tricks you can do with DLL's to take over a machine.. :) Preferred storyline: - I am your father. Search your feelings and you'll know it's the truth. Together we can rule this galaxy like father and son. - Ok dad. Let's kick some butt!
-
While listening to CNBC this morning, there was a news blip that Windows had SERIOUS security flaws in ALL of its OS's going back to 1996. While I am sure this is not news to some of you, has anyone run across this story in detail? Got a link to it? So I guess Windows 95, Windows 3.1, and Windows NT 3.5 were secure?! Oh, and so was Bob.
It's a vulnerability in the ActiveX certificate enrollment control that can be exploited to delete/corrupt the digital certificates stored on a system. A successful exploit could corrupt trusted root certificates, encryption certificates, signing certificates, etc. This could potentially prevent proper encryption/signing of emails.
See www.pcworld.com/news/article/0,aid,104573,00.asp www.siliconvalley.com/mld/siliconvalley/3966694.htm. Patch from Microsoft available at www.microsoft.com/technet/security/bulletin/ms02-048.asp
-
Nothing is secure. Nothing. The mere existence of something is a security flaw in itself. But some things are more or less probable to break, and Windows happen to be more probable to break than say the US federal gold reserve. Preferred storyline: - I am your father. Search your feelings and you'll know it's the truth. Together we can rule this galaxy like father and son. - Ok dad. Let's kick some butt!
Jörgen Sigvardsson wrote: The mere existence of something is a security flaw in itself. :-D Jörgen Sigvardsson wrote: But some things are more or less probable to break, and Windows happen to be more probable to break than say the US federal gold reserve. But only just ;-) Regards, Brian Dela :-)
-
The Power Switch Tim Smith "Programmers are always surrounded by complexity; we can not avoid it... If our basic tool, the language in which we design and code our programs, is also complicated, the language itself becomes part of the problem rather that part of the solution." Hoare - 1980 ACM Turing Award Lecture
Tim Smith wrote: The Power Switch :confused: Regards, Brian Dela :-)
-
It's a vulnerability in the ActiveX certificate enrollment control that can be exploited to delete/corrupt the digital certificates stored on a system. A successful exploit could corrupt trusted root certificates, encryption certificates, signing certificates, etc. This could potentially prevent proper encryption/signing of emails.
See www.pcworld.com/news/article/0,aid,104573,00.asp www.siliconvalley.com/mld/siliconvalley/3966694.htm. Patch from Microsoft available at www.microsoft.com/technet/security/bulletin/ms02-048.asp
Thanks for the links :-) Regards, Brian Dela :-)