Flaw in MS anti-malware engine poses command override risk Microsoft has updated its malware protection technology following the discovery of a bug which might, given a plausible but unlikely set of circumstances, allow a hacker to gain root access to vulnerable systems. Would-be hackers would already need to have access to targeted systems in order to exploit the privilege escalation …
..........."Flaw in MS anti-malware engine *posed* command override risk"?
In other words using the past tense rather than the present tense? Otherwise the MicroDollarSoft brigade might be misled into believing that they had yet another opportunity to log on and begin to howl about the Great Satan from Redmond. We would not wish to expose them to disappointment, now would we?
No. Since at the time the article was written the patch had not been applied to all systems, the risk still existed. Therefore the correct tense to use was the present.
As long as it cannot be verified that the patch has been applied to all systems, the risk will still exist, so "poses" will be the correct term for the foreseeable future.
Ah something else from the trusted computing initiative (also including the magic registry key "INFECT_ME_PLEASE") - go flame me, I don't care.
"Would-be hackers would already need to have access to targeted systems in order to exploit the privilege escalation bug"
But if hackers _couldn't_ get access to targeted systems, then we wouldn't have any of this malware protection stuff, so we should assume that hackers _can_ get access to systems.
Anyway, the whole reason that privalege escalation is a problem is because we don't explicitly trust everyone / everything to always be good, and that is why there are access restrictions. Users are usually not allowed root privaleges for this reason, but normally do have access to the system.
Speaking for myself I have no desire to flame you! With regard to the issue of access and who gets it one has to acknowledge that this is the heart of the problem. Let us assume (hypothetically speaking) that MS had produced an OS that was as close to perfect as ordinary mortals could possibly achieve. To what extent would this really make a difference? I do not pretend to have the answer to that but my guts tell that it would make considerably less difference than one might hope and indeed this comes back to what you were discussing. The fact of the matter is that we are all painfully aware that the biggest threat to ones system is either oneself or the plank in the office next door. One is forced to conclude that although we have to keep trying the bullet-proof OS/company system is in the absolute sense unachievable. Unless of course we try and remove the human element completely, what we can call the "Skynet approach" - and we all know what that led to!
"The fact of the matter is that we are all painfully aware that the biggest threat to ones system is either oneself or the plank in the office next door." ....... Arctic fox Posted Friday 25th February 2011 15:01 GMT
That is very convenient, head-in-the-sand, wishful thinking, Arctic fox, much appreciated by much bigger threats than was ever imagined possible.
.....explain in your posting what the hell you mean. Why is my posting "That is very convenient, head-in-the-sand, wishful thinking"? You have in fact said nothing at all other than that you disagree with me. Kindly, without howling, explain why. Your "reply" to my post said precisely nothing other than that you did not like what I posted, what kind of "contribution" to debate is that?
"You have in fact said nothing at all other than that you disagree with me. Kindly, without howling, explain why. Your "reply" to my post said precisely nothing other than that you did not like what I posted, what kind of "contribution" to debate is that?" ....... Arctic fox Posted Friday 25th February 2011 17:55 GMT
You are [sadly/badly/madly] mistaken on a number of points, Arctic fox. And/But as you have sensibly asked for clarification, are we pleased to comply.
"The fact of the matter is that we are all painfully aware that the biggest threat to ones system is either oneself or the plank in the office next door." .... is that which we discuss.
We liked what you said. And wholeheartedly agree, BUT to imagine just the two attack vectors whenever there is a whole underground army of quite brilliant programmers out there, hacking into Binary Delivery Systems Mechanisms, and leaving behind infectious and subversive and sublimely addictive content for browser display and global propagation, has every system which connects in any way with CyberSpace, under virtual threat from just those two divine phorms of remote control. And there are bound to be many more from others, for one only knows what one knows, and others develop other vectors which are surely known only to them.
And if one consider the above practice, malicious, then one has to also consider the White Knight Programmers who are out there, using the same vulnerabilities/facilities to inject their own sublime steganographic codedD messaging to engage with such underground armies.
The contention is that all of the above is a much bigger threat to every system and therefore "the biggest threat to ones system is either oneself or the plank in the office next door." is invalid, and a dangerous assumption to make/hold, for it is bound to make one complacent.
Be careful out there, in CyberSpace, IT is AIJungle and Full of All Sorts of Nutters and Savants peddling their Independent Wares/Ab Fab Memes. :-) ......... and Virtual Machine Control is a Power Elite Program which Drivers their Realities, Virtually Everywhere, so be aware of what has been done, and what Man has evolved into at the Higher Levels of Universal Control.
I hope, well, actually trust in Global Operating Devices, that makes things a lot clearer.
I think there is ample evidence that you can make a Windows box almost impregnable if you try. For one thing, there's that black hat contest each autumn (?) where prizes are offered to anyone who can crack various boxes. In recent years, the "bare OS" prize has gone unclaimed, since you need some Adobe-ware on the system before it is actually vulnerable. Even then, cracking a system from the network is hard.
The horrendous infection rate within the Windows population is largely down to the fact that most end-users run as admin and willingly run EXEs that they find whilst surfing. Even *I* could crack a Windows box owned by such a user.
"The horrendous infection rate within the Windows population is largely down to the fact that most end-users run as admin and willingly run EXEs that they find whilst surfing. Even *I* could crack a Windows box owned by such a user."
Thank you Ken Hagan, that indeed was, essentially, my point - although you managed to sum it up much better than I did. My point, when I referred to the (obviously ideal/imaginary situation) where Windows itself did not make the situation worse, was of course to underline exactly what you point out in your posting. The biggest threat to security is the end-user. Short of attaching electrodes to the gonads of every employee and sending X-Zilliion amperes through their reproductive equipment every time they breach security protocols I do not begin to have any idea how we tackle this problem.
we have been sold the lie that computing is easy by MS for years and it patently isn't, but we still spend a huge amount on it and try and use it in the way we have been told we can. And the customer seems to be the only one not to benefit. Unless you think the next very expensive OS 'upgrade' will actually achieve anything.
It is possible to make secure systems work - so long as you can tell the MS brainwashed management that security comes first, a long way ahead of 'I want to plug it in/open it and see what it does'. MS opened all the doors and windows and air vents and roof lights and is still surprised when anyone gains entry.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
