Major flaws in Windows

Whomp

Keep Calm and Carry On
Retired Moderator
Joined
Dec 17, 2004
Messages
18,200
Location
Chicago
I suppose this is not new to many but if you haven't changed your browser it seems like this makes a pretty strong case to do it now.
Spoiler :
A previously unknown flaw in Microsoft Corp.'s Windows operating system is leaving computer users vulnerable to spyware, viruses and other programs that could overtake their machines.

Users can infect their computers by visiting certain Web sites that are able to exploit some Windows-based applications, Internet security company Panda Software said Friday. It called the discovery "one of the most serious vulnerabilities recently detected."

The flaw to the world's most popular software leaves PCs open to adware and spyware as well as Trojans that can hide damaging programs. Internet Explorer, Outlook and the Windows Picture and Fax viewer are used to insert the potentially harmful code, said Patrick Hinojosa, chief technology officer of Panda.

"Because this exploits particular programs on Windows, rather than Windows itself, your machine can get infected simply by visiting a Web site that's set up to exploit the flaw," he said.

Microsoft is investigating reports of the problem, the Redmond, Wash., company said on its Web site. Microsoft hasn't yet developed a security patch.

Mike Reavey, operations manager for Microsoft's Security Response Center, called the flaw "a very serious issue." He encouraged users to update their antivirus software, ensure all Windows security patches are installed, avoid visiting unfamiliar Web sites, and refrain from clicking on links that arrive via e-mail or instant message.

Security researchers revealed the flaw on Tuesday and posted instructions online that showed how would-be attackers could exploit the flaw. Within hours, computer virus and spyware authors were using the flaw to distribute malicious programs that could allow them to take over and remotely control afflicted computers.

Panda found cases of infection almost immediately after the flaw was first reported, Hinojosa said.

Web sites exploiting the security lapse include Toolbar.biz and BuyToolbar.biz, Panda said. The sites are set up to install malicious code by using the way applications process Windows Metafiles to show images.

Dean Turner, a senior manager at antivirus firm Symantec Corp. of Cupertino, Calif., said the company has seen the vulnerability exploited to install software that intercepts personal and financial information when users of infected computers enter the data at certain banking or e-commerce sites.

Microsoft has been working to improve the security of Windows, which has come under attack from more than 17,000 computer viruses and worms. The latest vulnerability was found in Windows XP, Windows 2000 and Windows NT systems. Panda said it is still testing Windows 98 for the flaw.

Because the vulnerability exists within a faulty Windows component, security experts warn that Windows users who eschew Internet Explorer in favor of alternative Web browsers, such as older versions of Firefox and Opera, can still get their PCs infected if they agree to download a file from a site taking advantage of the flaw.

- - -

Protect yourself

To avoid infecting your computer with a virus, Microsoft advises Windows users to take the following steps:

- Update antivirus software.

- Don't visit unfamiliar Web sites.

- Don't click on links that arrive via e-mail or instant message. Also, don't open e-mail attachments sent from an unknown source.


http://www.chicagotribune.com/business/chi-0512310061dec31,1,2038174.story?ctrack=1&cset=true
 
article said:
Panda said it is still testing Windows 98 for the flaw.

Windows 98 doesn't need testing, it already has a great security feature, aka not staying stable enough for long enough to get infected.
 
sanabas said:
Windows 98 doesn't need testing, it already has a great security feature, aka not staying stable enough for long enough to get infected.

Funny :lol: but true.:( When I was running 98 it crashed at least 10 times a day.
 
I'm sticking with windows
 
as far as I know there arent very many other OSs anyway......
 
MarineCorps said:
Funny :lol: but true.:( When I was running 98 it crashed at least 10 times a day.


That would suggest there was something terminally wrong with your installation...
 
Stylesjl said:
I'm sticking with windows

Whomp's not suggesting you change your O/S, but your browser. Firefox, for example, appears to be safer than Internet Explorer (at least for the moment...).
 
Security researchers revealed the flaw on Tuesday and posted instructions online that showed how would-be attackers could exploit the flaw. Within hours, computer virus and spyware authors were using the flaw to distribute malicious programs that could allow them to take over and remotely control afflicted computers.
I bet this is how most malicious code is developed these days. If these "security" companies stopped making public statements like this then our computers would be much more secure. :rolleyes:
 
You're telling me that something is wrong with windows? i cant even log onto my stupid comp because weindows decided to put an error into lsass.exe , a file necessary to log onto windows..and i cant do jack crap about it!
 
I bet this is how most malicious code is developed these days. If these "security" companies stopped making public statements like this then our computers would be much more secure.

Making a big deal out of trying to keep it a secret wouldn't accomplish anything. You're going to have to let the antivirus/antispyware people know about it so that they can be sure that their products protect against it. In the case of a Windows vulnerability, you have to let MS know so that they can patch it. The info is going to get out either way. This is why your good antivirus companies push out updates almost daily, sometimes even hourly.
 
A followup to this story. It seems Microsoft won't release a patch till Jan. 10th. Be very careful dl'ing pictures off the web. The virus is carried in picture files and can be triggered if an image is viewed in an email or on an infected Web site. Microsoft recommends users unregister a file called shimgvw.dll.

Spoiler :
NEW YORK -- Microsoft Corp. plans to release a patch for a new security flaw at its next scheduled update release on Jan. 10, leaving users largely unprotected until then from a rapidly spreading computer virus strain known as "metasploit."

"Microsoft's delay is inexcusable," said Alan Paller, director of research at computer security group SANS Institute. "There's no excuse other than incompetence and negligence."
SANS Institute, via its Internet Storm Center, has taken the unusual step of releasing its own patch for the problem until a Microsoft-approved fix is available. "It's not something we like to do," said Paller.

The Internet Storm Center, which tracks viruses and other outbreaks on the Web, increased the threat level to "yellow" -- a warning that means a significant new threat is developing.

Microsoft said evaluation and testing affect the timing of security patches. "Creating security updates that effectively fix vulnerabilities is an extensive process. There are many factors that impact the length of time between the discovery of a vulnerability and the release of a security update," Microsoft said in a security advisory on its Web site.

The attack is the latest to hit Microsoft, despite its redoubled efforts to respond to security threats. With more than 90% of personal computers running Windows, it represents the biggest target for hackers.

The virus began spreading last week, as hackers took advantage of a previously unknown flaw in Windows Meta File code in what is known as a "zero-day attack."

"The flaw is fairly significant in terms of its reach," said Alain Sergile, product manager at Internet Security Systems Inc.'s (ISSX) X-Force threat analysis service.

The bug was found in current server and desktop versions of Windows and is considered serious because it requires relatively minor user interaction to be unleashed. The virus is carried in picture files and can be triggered if an image is viewed in an email or on an infected Web site.

Johannes Ullrich, chief research officer at SANS Institute, said there are hundreds of Web sites that carry the infected images, and he's tracking the possibility that an online ad service is serving up infected image files. He says 5% to 10% of users appear to be infected, "an order of magnitude more than other attacks."

The virus takes advantage of the way Windows processes Windows Meta Files, or WMF, images. These file types can carry more common .jpg extensions, but still carry the malicious code.

Microsoft recommends users unregister a file called shimgvw.dll. "While this workaround will not correct the underlying vulnerability, it helps block known attack vectors," the software maker says in its security advisory.
By Chris Reiter Of DOW JONES NEWSWIRES
 
Zakharov said:
I bet this is how most malicious code is developed these days. If these "security" companies stopped making public statements like this then our computers would be much more secure. :rolleyes:
On the contrary, MS doesn't make these notifications until the problem has been largely resolved, and a patch is coming soon. And the only reason they know it's a problem is that somebody is already exploiting it. So if they don't announce the problem, it is still being exploited, and they haven't fixed it yet. So you are still getting screwed, but you just don't (necessarily) know it. :p

OTOH, I switched to Linux 100% almost 2 yrs ago, and I haven't looked back. :D
 
Afterall... Windows XP just sucks. Let's hope Vista won't be such a piece of crab...
 
Zakharov said:
I bet this is how most malicious code is developed these days. If these "security" companies stopped making public statements like this then our computers would be much more secure. :rolleyes:

yeah, just denying that there are security flaws is a much better alternative :rolleyes:

usually, security flaws are first reported to the responsible company, and only later made public....with the long timespan MS needs to create security-patches though......
 
vbraun said:
I knew Padma was going to post in this thread. ;)

Yeah. Hmm, Padux's law: Any time there is a thread involving windows flaws Padma will post that he uses Linux and doesn't have to worry about flaws.:p :D
 
vbraun said:
I knew Padma was going to post in this thread. ;)
Hey! Somebody's got to point out that there are alternatives to WIndows. ;)
MarineCorps said:
Yeah. Hmm, Padux's law: Any time there is a thread involving windows flaws Padma will post that he uses Linux and doesn't have to worry about flaws.:p :D
I wouldn't say Linux has no flaws. Just *different* flaws. (And personally, none so serious as Windows' flaws. ;))
 
Back
Top Bottom