Cool :)

ooo thanks El Reg....I just tried it (seems my £9 per month Windows Phone Zune Subscription account got automigrated over to XBox) and I can download music and stream to the Win 8 PC via the music app. So that means music in the living room via the Xbox, music on WP phone, music on the Zune, music on home PC and on my slate. Already downloaded 4 GB music....

No vulnerability...

A strong password is all that is needed to prevent the attack, RDP is NOT on by default either. The passwords the bot tries are very very simple....

Another none issue ....

So on Windows Phone 7 the transmission of location data:

Is switched off by default

Is easy to switch off in settings if it's on

Doesn't get saved to the SD card

Is fully documented saying what and why the location data is stored and how the users privacy is kept

https://www.microsoft.com/windowsphone/en-us/howto/wp7/web/location-and-my-privacy.aspx

FFS, if you want a cinema near where you standing of course your location is going to get sent to MS...

To tar MS with the same Google/Apple brush over this is hardly fair, but so called journalism really has sunk this low....

Move along... nothin’ to see here....

MS said the bug was exploitable, said it was difficult to exploit and updated IIS two months prior to the conference where this mitigation research was discussed.

Mitigations are used to slow down attackers in their development of exploits, to try and make those exploits unreliable, and to raise the bar of the skill required to create such exploits (e.g. Chris Valasek is a Senior Research Scientist). The mitigations in this case served that purpose. Mitigations don’t take away the need to update the binaries and IIS was still fixed. Mitigations for all platforms are constantly updated to reflect research from White/Grey/Black Hats. Mitigation bypasses generally do not work broadly.

Server DoS's are typically patched by MS anyway, so whether or not it was exploitable is irrelevant, detailing whether it is exploitable or not is to allow the system admin to make a decision in how to prioritise the downloading/testing and rolling out the patch.

The revised blog post, that wasn't referenced by Dan for some reason, said it was exploitable:

http://blogs.technet.com/b/srd/archive/2011/02/08/regarding-ms11-004-addressing-an-iis-ftp-services-vulnerability.aspx

E.g.:

"Since then additional research has shown that it may be possible for this vulnerability to be exploited if DEP and ASLR protections are bypassed."

The bulletin notes from Feb 2011 said it was exploitable:

E.g.:

“Maximum Security Impact - Remote Code Execution”

http://www.microsoft.com/technet/security/bulletin/ms11-004.mspx

MS said they were aware of the research in the mitigation bypass.

http://blogs.technet.com/b/srd/archive/2011/02/08/assessing-the-risk-of-the-february-security-updates.aspx

“Vulnerability details for CVE-2010-3972 are public. However, it will be difficult to build a reliable exploit for code execution. We have heard rumors [sic] of an exploit technique that will be discussed publicly in April by Chris Valasek and Ryan Smith.”