back to article How's it going, Microsoft users? Patching your PCs? You SHOULD be

Brace yourselves, users and administrators, Microsoft and Adobe have released another monthly batch of critical security updates for their products. The December edition of Patch Tuesday will fix five critical vulnerabilities in Microsoft software, two which are being exploited in the wild by miscreants. The first of the …

COMMENTS

This topic is closed for new posts.
  1. Eddy Ito

    "The first of the critical flaws lies within the handling of TIFF image files"

    Oh crap, I was using this as a way to make my steganographic messages self destruct. Now I'll have to rely on the DMCA to keep the NSA from reading my letters to mom.

    1. Roo

      Eddy, have an upvote...

      ""The first of the critical flaws lies within the handling of TIFF image files"

      Oh crap, I was using this as a way to make my steganographic messages self destruct. Now I'll have to rely on the DMCA to keep the NSA from reading my letters to mom."

      Cutler's legacy has become an OS that processes TIFF files at ring 0, I bet he never saw that coming when he was slating UNIX in the 80s and 90s.

      1. Anonymous Coward
        Anonymous Coward

        Re: Eddy, have an upvote...

        "Cutler's legacy has become an OS that processes TIFF files at ring 0, I bet he never saw that coming when he was slating UNIX in the 80s and 90s."

        I'll bet he didn't (but then I've only been using his software since the days he was writing PDP11 code rather than wasting his time re-architecting Xboxes just to keep him out of the hands of the competition and the press).

        Can anyone enlighten readers on how/why what should be pure user-mode code ends up being able to get administrative privileges? Pointers welcome (or are pointers the problem rather than the answer?)

        1. Eddy Ito

          Re: Eddy, have an upvote...

          It's a stack smash. This blog post was pointed to in an earlier article.

          1. Anonymous Coward
            Anonymous Coward

            Re: Eddy, have an upvote...

            I wrote: "how/why [is it that] what should be pure user-mode code ends up being able to get administrative privileges? " (wasn't as clear as I might have been, but the message got through).

            Eddy wrote: "It's a stack smash. This blog post was pointed to in an earlier article."

            OK, so let's assume that we all know (or can find out) what a stack smash is.

            The Reg's article (November 2013) Eddy links to says: "When exploited, the attacker's code hidden in the image file executes on the target system >>>with the same privileges<<< as the current user." And the Technet article behind all this says nothing about elevated privileges.

            As another two ACs have already pointed out rather more delicately, this arguably contradicts the claim in yesterday's article: " If exploited, an attacker could use the bug to remotely execute code on the targeted system with full administrative rights"

            Arguing the other way, if the person looking at the image has admin rights, so does the payload code.

            Either way, afaict there's no unauthorised elevation of privilege, just the unauthorised code gets the same privilege as the user reading it.

            Article unclear (at best). Could do better.

        2. Anonymous Coward
          Anonymous Coward

          Re: Eddy, have an upvote...

          "Can anyone enlighten readers on how/why what should be pure user-mode code ends up being able to get administrative privileges? "

          It doesn't.

        3. Anonymous Coward
          Anonymous Coward

          Re: Eddy, have an upvote...

          I can't be certain, but I strongly suspect it's an example of what has always been a chronic problem at Microsoft. Namely, executives' perception of what users want always trumps technical considerations. There will have been a requirement to process TIFF faster, regardless of the downside.

          No matter how good your developers, design, architecture, etc., if the ultimate decision-makers are in the habit of imposing their own diktats regardless, the results will be bad somewhere down the road. It's far easier to screw software up than to fix it afterwards.

          1. Peter Simpson 1

            Re: Eddy, have an upvote...

            "...always been a chronic problem at Microsoft. Namely, executives' perception of what users want always trumps technical considerations."

            That explains the "ribbon", then.

      2. Anonymous Coward
        Anonymous Coward

        Re: Eddy, have an upvote...

        DC was an idiot to do that. They didn't allow that sort of thing in VMS. (4 addresss spaces with S0 & S1 protected from the world right from the outset).

        Have MS not learned anything from the past 15+ years of malware & viruii attacks?

        Apparently not.

        1. Anonymous Coward
          Anonymous Coward

          Re: Eddy, have an upvote...

          "Have MS not learned anything from the past 15+ years of malware & viruii attacks?"

          I imagine Microsoft's top people reason "Where is DEC now?" And there is something to that way of thinking. Why focus exclusively on doing the right thing technically, if it leads to your company disappearing?

      3. codeusirae
        Facepalm

        Cutler's legacy...

        "Cutler's legacy has become an OS that processes TIFF files at ring 0", Roo

        Windows NT 4.0 was so sluggish they had to put GDI into ring0, in the process making it unstable and insecure. Cutler had nothing to do with it. ref

        1. Anonymous Coward
          Anonymous Coward

          Re: Cutler's legacy...

          The problem was not NT 4 - the problem is how INtel x86 CPUs handle ring transitions. Whenever execution goes through a ring boundary, the processor has to load descriptors, perform security checks, swicth LDT, switch stacks, copy data, ecc. ecc.

          That requires a lot of CPU cycles, and inevitably slow down any application using a lot of ring swicthes (and that's why most OSes use only two of the four available rings). GUI calls are so many in any modern operaing system, and they have to reach the graphic hardware which of course is accessible only in ring 0. Thereby if you splt graphic libraries in user and kernel space, you risk to have many more calls across boundaries, because a user mode function may need to call many lower level kernel mode functions to work. If you use the user mode function only as a stub to the kernel mode counterpart, once parameters are adressable from kernel there are no more switches needed, and intra-ring calls are much faster.

          BTW: where's Linux graphic code today?

          1. Anonymous Coward
            Anonymous Coward

            Re: Cutler's legacy...

            "where's Linux graphic code today?"

            Can you be more specific. But I'll take a punt.

            The user-mode stuff is where it belongs, in user-mode (mostly in the app).

            The hardware-specific stuff is where it belongs, in drivers,

            In between are various layers which may or may not be a good thing, depending on whether your driving force is system integrity (UNIX->Linux) or press-article performance (Windows 98 graphics was faster than NT, because of the separation of modes, Gates didn't like that. So he made Windows NT graphics architecture less secure and less productive, but seemingly faster for teh l33t gamerz).

            Does that help?

          2. Roo

            Re: Cutler's legacy...

            "BTW: where's Linux graphic code today?"

            Fair point, and god only knows with the new fangled X replacements....

            In the case of X windows the user code does not explicitly* make system calls to render stuff, and it runs in a separate process from the Xserver... Instead the user code talks to the Xserver via a socket (* this uses system calls), although these days the bulk of data transfer happens via shared memory - which neatly sidesteps a lot of the potential system call overhead. I suspect a lot of people don't even realise you can run an Xclient remotely these days. ;)

            Xservers certainly have been pwned in days gone by, but the nice thing is you can lock down access to an Xserver quite easily using permissions or simply remove it entirely from the system. Unfortunately Windows doesn't seem to offer the same option.

        2. Anonymous Coward
          Anonymous Coward

          Re: Cutler's legacy...

          "Windows NT 4.0 was so sluggish"

          Maybe that depends on whether your goal is productivity or raw performance.

          I had an unauthorised NT laptop while the IT-supported folks were still on DOS extenders with a GUI.

          I never had problems with apps running out of available memory. I had no problems with sluggishness.

          IT-supported folks frequently popped over to say "Can you print this for me, it won't print on mine, out of memory, I've been trying for ages"

          So, NT had a reasonably stable and secure system with reasonable performance, but W98 gamestyle benchmarks looked better. So, as per the whitepaper you linked to, MS HQ got rid of the inter-process stuff which slowed it down (and kept it stable and secure).

          They call it progress.

        3. Roo

          Re: Cutler's legacy...

          ""Cutler's legacy has become an OS that processes TIFF files at ring 0", Roo

          Windows NT 4.0 was so sluggish they had to put GDI into ring0, in the process making it unstable and insecure. Cutler had nothing to do with it. ref"

          I was careful not to suggest that Cutler was involved in such daftness. Also in this case it looks like El Reg misrepresented the nature of the vuln in any case - which invalidates my snipe.

          As for GDI being the way it is - MS could have licensed/copied a UNIX way of doing this stuff safely & quickly (SGI et al had a handle on this before MS came up with 95) if it wasn't for their legendary "Not Invented Here" syndrome. With that said, some of the design errors MS have made were most likely due to pig ignorance rather than NIH.

    2. Anonymous Coward
      Anonymous Coward

      "The first of the critical flaws lies within the handling of TIFF image files in Windows Vista, Server 2008, Lync and Office 2010, 2007 and 2003. If exploited, an attacker could use the bug to remotely execute code on the targeted system with full administrative rights."

      Erm, No. See http://technet.microsoft.com/en-us/security/bulletin/ms13-096

      An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

      1. Anonymous Coward
        Anonymous Coward

        Re: could gain the same user rights as the current user.

        Which might be meaningful if MS themselves didn't issue a raft of programs that effectively require users with admin privileges to run. With Adobe doing the same thing it's a somewhat meaningless caveat in many places.

        1. Anonymous Coward
          Anonymous Coward

          Re: could gain the same user rights as the current user.

          "Which might be meaningful if MS themselves didn't issue a raft of programs that effectively require users with admin privileges to run."

          I hear people say things like this, usually not about MS however, but I rarely actually come across software that actually can't run as non-admin, just lazy installers or software so bad you wouldn't use it anyway.

          Incidentally can you tell me what some of this "raft" of MS software which requires admin to run is?

          1. Roo

            Re: could gain the same user rights as the current user.

            "I hear people say things like this, usually not about MS however, but I rarely actually come across software that actually can't run as non-admin, just lazy installers or software so bad you wouldn't use it anyway."

            By that definition for many years MSOffice could have qualified as "software so bad you wouldn't use it anyway." ;)

        2. Ken Hagan Gold badge

          Re: could gain the same user rights as the current user.

          "Which might be meaningful if MS themselves didn't issue a raft of programs that effectively require users with admin privileges to run."

          Do they? I've been getting all my day-to-day work done with an ordinary user account for the best part of 20 years. Perhaps I'm running the wrong apps.

  2. scub

    security

    see "security" updates?

    Who`s security they sposed to be updating?

This topic is closed for new posts.

Other stories you might like