Oxymoron du jour

"Microsoft Security"

Over at the SANS ISC Handler's diary, we see:

Another WMF attack vector?

We had hoped the chapter on WMF exploits had finally been closed, pending the patching of countless millions of vulnerable workstations of course.  However, today we were forwarded a Bugtraq disclosure of two additional functions vulnerable to memory corruption attack within the Microsoft graphics rendering engine.  The flaw reportedly affects the 'ExtCreateRegion' and 'ExtEscape' functions...

That's right. We have two more designed-in backdoor features. Who could possibly have foreseen that?

So far these are DoS-only vectors. MS seems to think this justifies a less urgent response, although I seem to recall that the last DoS-only vector they ignored was later used as an attack vector.

Elsewhere MS is reported as having redoubled its efforts on the security front.

Microsoft to hunt 'new species' of bugs
In the wake of WMF flaw...

Microsoft plans to scour its code to look for flaws similar to a recent serious Windows bug and to update its development practices to prevent similar problems in future products.

The critical flaw in the way Windows Meta File (WMF) images are handled, is different to any security vulnerability the software maker has dealt with in the past, according to Kevin Kean and Debby Fry Wilson, directors in Microsoft's Security Response Center. Typical flaws are unforeseen gaps in programs that hackers can take advantage of and run code. By contrast, the WMF problem lies in a software feature being used in an unintended way.

Am I the only one to see some inconsistency here?

On the one hand, it's business as usual, with DoS vectors being given low priority. On the other, MS has seen the light and will now seek out all of the backdoors they have deliberately left open in their legacy code, in addition to the countless French windows and similar gaping portals left open entirely by accident.

This does not fill me with confidence.

Luckily Bruce, Julian and Bill have recently demonstrated that Windows itself is optional.

Category: Viruses and Worms

Comments:

1. Chris Whisonant 10/01/2006 13:06:23
Homepage: http://cwhisonant.blogspot.com


I still prefer the age-old oxymoron:

Microsoft Works

Thanks for the heads-up!




2. Richard Schwartz 11/01/2006 05:48:35
Homepage: http://www.rhs.com/poweroftheschwartz


CNet needs a better editor. The grammar in that story, (sic - comma) is different to (sic) any English the reader has dealt with in the past.




3. Chris Linfoot 11/01/2006 08:15:55


Editor possibly a wombat. Eats[,] shoots and leaves.



