Another zero-day vulnerability



Gremlinzzz
November 25th, 2010, 09:20 PM
I thought Windows 7 was secure. Seems no system is invulnerable.
http://www.h-online.com/security/news/item/Another-zero-day-vulnerability-in-the-Windows-kernel-1142264.html

another link
http://www.itpro.co.uk/628894/zero-day-windows-flaw-goes-public?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ITPro%2FToday+%28IT+PRO+-+Today%29

nlsthzn
November 25th, 2010, 09:25 PM
I thought Windows 7 was secure. Seems no system is invulnerable.
http://www.h-online.com/security/news/item/Another-zero-day-vulnerability-in-the-Windows-kernel-1142264.html

Secure Windows is an oxymoron ;)

Spice Weasel
November 25th, 2010, 09:34 PM
The only secure system is one without a network connection.

Even then, once someone has physical access you're screwed.

Old_Grey_Wolf
November 25th, 2010, 09:47 PM
I noticed the article said, "The vulnerability allows attackers who have penetrated a system to escalate their privileges." If someone has already penetrated the system then you need to go back to "Security 101" to begin with, because you have more than one hole in your armor.

The article also quotes Prevx, from the Prevx website a maker of a product for "Powerful real-time anti-malware protection. Combines antivirus, rootkit, antispyware, and zero day heuristics for ultimate security."

That article looks more like an ad than anything else.

m4tic
November 25th, 2010, 10:09 PM
What does zero-day mean? Thank god I'm not on Windows, these fancy names to distract people from the real issue that is Windows is Not Safe.

d3v1150m471c
November 25th, 2010, 10:14 PM
"It's not yet clear when Microsoft will be able to fix the vulnerabilities."

You just learn to always expect the best from multi-billion dollar companies.

Gremlinzzz
November 25th, 2010, 10:17 PM
Didn't know, but it's not Windows 7's first.
August 6, 2010,
http://www.zdnet.com/blog/security/windows-7-dinged-by-new-zero-day-vulnerability/7065
Glad I'm using Linux.

Old_Grey_Wolf
November 25th, 2010, 10:21 PM
What does zero-day mean?

A security vulnerability that was not previously known to the security experts. Therefore, if you had Prevx or any other anti-virus, anti-malware, anti-etc. installed it wouldn't have protected you.

It can also mean vulnerabilities for which no patch exists; therefore, once again nothing the professionals have done to protect you.

Linux gets security patches quite often; however, someone has to find the vulnerability before anyone knows it needs to be patched.

Gremlinzzz
November 25th, 2010, 10:23 PM
The flaw could be exploited by local attackers to cause a denial-of-service or potentially gain elevated privileges, according to an advisory from VUPEN, a French security research outfit.
That explains why the French are changing to Linux systems.

RiceMonster
November 25th, 2010, 10:46 PM
Glad I'm using Linux.

Yeah, thankfully Linux has never had any (http://www.linux.com/archive/feature/135270) vulnerabilities (http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html) before!

Old_Grey_Wolf
November 25th, 2010, 10:52 PM
Yeah, thankfully Linux has never had any (http://www.linux.com/archive/feature/135270) vulnerabilities (http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html) before!

I hear you whispering. Don't say it too loud.

:lolflag:

del_diablo
November 25th, 2010, 10:56 PM
Tsk, the difference? Compare the time used to fix said wounds, and how long they were "free for exploit" by being publicly known :P

czr114
November 25th, 2010, 11:14 PM
Tsk, the difference? Compare the time used to fix said wounds, and how long they were "free for exploit" by being publicly known :P
The FOSS model goes a step beyond that.

Had the affected code been publicly viewable prior to a commit, test, or full rollout, somebody would have had the opportunity to spot the badly-behaved pointer and fix it before the damage was done.

Proprietary software development encourages middle management to hand out feature checklists for the employees to breeze through before clocking out at 4:30. Code gets rushed and committed with too few eyes watching, as on the career ladder, it's better to not ask questions and appear competent than to let others know/help catch your mistakes before they ship out the door. By the time an 0day gets found and 100,000 more copies of a banking trojan queued up, the rushed programmer could very well be in another department.

Gremlinzzz
November 25th, 2010, 11:18 PM
Yeah, thankfully Linux has never had any (http://www.linux.com/archive/feature/135270) vulnerabilities (http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html) before!

Linux has had 'em but I didn't pay for Linux.
Got my vulnerabilities free.

wilee-nilee
November 25th, 2010, 11:20 PM
I thought Windows 7 was secure. Seems no system is invulnerable.
http://www.h-online.com/security/news/item/Another-zero-day-vulnerability-in-the-Windows-kernel-1142264.html

Your link times out, and any OS is only as secure as the user. ;)


Linux has had 'em but I didn't pay for Linux.
Got my vulnerabilities free.

Lol that is a funny response, nothing better than free vulnerabilities that is for sure. ;) Very few vulnerabilities, just really due to a smaller target in general and you start without running in root, not like MS.

Gremlinzzz
November 25th, 2010, 11:30 PM
Your link times out, and any OS is only as secure as the user. ;)



Lol that is a funny response, nothing better than free vulnerabilities that is for sure. ;) Very few vulnerabilities, just really due to a smaller target in general and you start without running in root, not like MS.

added another link same story
Thanks

wilee-nilee
November 25th, 2010, 11:33 PM
added another link same story
Thanks

Hey I started with open source and use it all the time the only time I use my XP and W7 licenses is to update and get a good chuckle. I'm not a gamer nor do I need any programs MS provides, but that is just me.

angryfirelord
November 25th, 2010, 11:44 PM
The FOSS model goes a step beyond that.

Had the affected code been publicly viewable prior to a commit, test, or full rollout, somebody would have had the opportunity to spot the badly-behaved pointer and fix it before the damage was done.

Proprietary software development encourages middle management to hand out feature checklists for the employees to breeze through before clocking out at 4:30. Code gets rushed and committed with too few eyes watching, as on the career ladder, it's better to not ask questions and appear competent than to let others know/help catch your mistakes before they ship out the door. By the time an 0day gets found and 100,000 more copies of a banking trojan queued up, the rushed programmer could very well be in another department.
That's not necessarily true in all cases. The Debian SSL bug was created by an open-source packager and was left unpatched for two years for all eyes to see. In an extreme case, there was also a BSD bug that was carried over from the Unix days that was left unfixed for 25 years. I agree that the open-source model allows for more rapid patching and deployment of security updates, but it's not foolproof to security vulnerabilities. Let's not kid ourselves, we're still fallible humans at the end of the day. :)

Quadunit404
November 25th, 2010, 11:46 PM
I thought Windows 7 was secure. Seems no system is invulnerable.

There will be such a thing as a completely invulnerable OS when pigs fly.

It surprises me how many people go by the amazing(ly bad) "It's secure because they say it is" logic.

wilee-nilee
November 26th, 2010, 12:01 AM
When we look at life in dichotomies, which we all do all the time, it is easy to misinterpret the other's words or intentions, with good or bad at each end of a continuum of gray area in between.

Yes, there are the newbie open source users who are on the "it's safe all the time no matter what"; ignore them, they will learn sooner or later that this is just plain kookie talk and reasoning. Same camps abide in all OS centric camps though.

Best thing any of us can do is recognize the way the brain works and buys into dichotomies, to just move on; it is the reptile part of the brain sometimes, you know, the flight or fight mechanisms.

czr114
November 26th, 2010, 12:13 AM
That's not necessarily true in all cases. The Debian SSL bug was created by an open-source packager and was left unpatched for two years for all eyes to see. In an extreme case, there was also a BSD bug that was carried over from the Unix days that was left unfixed for 25 years. I agree that the open-source model allows for more rapid patching and deployment of security updates, but it's not foolproof to security vulnerabilities. Let's not kid ourselves, we're still fallible humans at the end of the day. :)
Agreed. The price of security is eternal vigilance, which is one reason why I'm a huge proponent of the layered security model and its reliance on multiple failsafes.

What happened with the Debian RNG was an inexcusable oversight, but fortunately, it was the exception to the rule. For the most part, the open community development model has given us very strong and robust security software, dispelling much of the reliance on gimmicks, kludges, and crypto-voodoo.

By contrast, countless commercial projects have been beset by basic security errors, like abuse of ECB or the lack of a needed MAC.

The recent ASP.NET Oracle vulnerability shows what happens when security tasks are delegated to developers with less than complete understanding, committed to a build with little oversight, then shipped into the world. No good FOSS development mailing list would have ever let what made that attack work slide by unnoticed.

I see process as very important. If we use the best process to the best of our ability, then we have done the best we can do. It doesn't guarantee a world free of bugs, only the best minimization available to fallible humans.

RiceMonster
November 26th, 2010, 12:39 AM
Had the affected code been publicly viewable prior to a commit, test, or full rollout, somebody would have had the opportunity to spot the badly-behaved pointer and fix it before the damage was done.

The code in both those vulnerabilities I linked to was in the "full rollout". In fact, the infamous null pointer dereference had been in the kernel since 2.4. That's a long time. We're talking a vulnerability that was almost a decade old.


Linux has had 'em but I didn't pay for Linux.
Got my vulnerabilities free.

So that makes them magically excusable?

Gremlinzzz
November 26th, 2010, 12:42 AM
The code in both those vulnerabilities I linked to was in the "full rollout". In fact, the infamous null pointer dereference had been in the kernel since 2.4. That's a long time. We're talking a vulnerability that was almost a decade old.



So that makes them magically excusable?

OK that sounds good to me, they're magically excusable. I like your name Ricemonster

wilee-nilee
November 26th, 2010, 12:45 AM
The code in both those vulnerabilities I linked to was in the "full rollout". In fact, the infamous null pointer dereference had been in the kernel since 2.4. That's a long time. We're talking a vulnerability that was almost a decade old.



So that makes them magically excusable?

I like your posts in general and there is even a thread that icon-ifies you, but you are stuck in the dichotomy camp. Try considering that your perceptions of another's meaning might in actuality be yours alone, although supported by others in your camp. I am in the same camp as well we all are.;)


OK that sounds good to me, they're magically excusable. I like your name Ricemonster
Lol again your responses are really funny. :popcorn:

RiceMonster
November 26th, 2010, 01:04 AM
Try considering that your perceptions of another's meaning might in actuality be yours alone, although supported by others in your camp.

I suppose, but I'm always right.

cariboo
November 26th, 2010, 01:13 AM
Everybody knows that Linux isn't perfect. But which OS usually fixes the vulnerability faster?

czr114
November 26th, 2010, 01:29 AM
The code in both those vulnerabilities I linked to was in the "full rollout". In fact, the infamous null pointer dereference had been in the kernel since 2.4. That's a long time. We're talking a vulnerability that was almost a decade old.

Compare that with the sheer number of root exploits affecting the Windows core and Internet Explorer. Even with UAC in updated systems, there is still a huge problem with drive-by downloads, let alone on older machines not receiving updates.

The battle against cybercrime is a constant arms race. This community is fortunate to be using software which gives the good guys a chance to examine code and draw bugs out into the light of day. Each bug avoided through public collaboration is one which doesn't have to be cleaned up after on running systems.

wilee-nilee
November 26th, 2010, 02:24 AM
I suppose, but I'm always right.

I can buy that, I would say you pretty much are.

Ricemonster for president now of course after Obama gets his 8 years.;)

Khakilang
November 26th, 2010, 04:31 AM
After 30 years and Microsoft still doesn't have a clue about security. What are they doing all this time? Viruses started to attack during the MS-DOS days and now with Windows 7. I wonder, does my external hard disk with NTFS file system get affected?

inobe
November 26th, 2010, 05:27 AM
Yeah, thankfully Linux has never had any (http://www.linux.com/archive/feature/135270) vulnerabilities (http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html) before!

hook, line and sinker doesn't work here :p

czr114
November 26th, 2010, 05:32 AM
What are they doing all this time?

Marketing, change for the sake of change, FUD, etc.

MasterNetra
November 26th, 2010, 05:34 AM
There will be such a thing as a completely invulnerable OS when pigs fly.

It surprises me how many people go by the amazing(ly bad) "It's secure because they say it is" logic.

A couple decades or less and they could probably be genetically engineered to fly, maybe even less than a decade. So careful with that one. ;)


Marketing, change for the sake of change, FUD, etc.

Indeed, and that's some of what we do know. Busy busy.

MisterGaribaldi
November 26th, 2010, 06:44 AM
I don't take exploits or other attacks seriously that require an already otherwise-compromised and penetrated system to be effective. Like someone else here said waaaaaaaaay up-thread, if you've compromised the box already, you've got at least two -- if not more -- problems, and you're just deceiving yourself if you think that fixing the one vulnerability is meaningful.

Besides, if you compromised the system first *to be able to use this other exploit* then shouldn't one ask how the system got compromised in the first place, and deal with either the technical, procedural, policy, or personnel issue first?

czr114
November 26th, 2010, 06:57 AM
Privilege escalation is still a problem. Suppose that a Windows user has a limited account, runs UAC, and has decent and updated security software - all of which are reasonable and sane approaches to security. That user could be caught off guard through deception, which would enable a user-level application he was tricked into running to dig deep, bypass all the security, and take over the system.

Exploits like these can also be chained to turn an attack on a privilege-limited process into a full blown root exploit by combining it with what was described here.

Privilege escalation has been, for decades, a bane of educational institutions and corporate environments.

These exploits are also a disaster for embedded systems. I recall a problem a while back with automated bank machines on which users could break out of the interface, but no farther than a limited account. Add in something like this, and the whole machine is compromised.

Layered security is a good approach to keep stuff like this off the system, because user-level permissions don't always end there.

Dustin2128
November 26th, 2010, 07:11 AM
A couple decades or less and they could probably be genetically engineered to fly, maybe even less than a decade. So careful with that one. ;)

Get me a gene splicer and a pig embryo and you can have yours inside a year.