Microsoft issues 'critical' patch outside normal cycle

Source: CNET

Microsoft will issue a patch for a "critical" security flaw in Windows, the company said Thursday. The patch comes outside of its normal monthly patching cycle due to the severity of the issue.

The vulnerability can result in a remote code execution, in which malicious attackers could take control of a user's computer to launch code.

According to Microsoft's bulletin, the vulnerability is found in Windows 2000 with Service Pack 4, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.



Read more: http://news.cnet.com/8301-1009_3-10073787-83.html

XP Pro here. I wonder how many holes they filled this time...?

How many holes did patching these holes uncover?

;)

Buffer underflow that's been in the NT kernel since NT SP4 and carried over to 2000, XP, and Vista. The patch was supposed to be released at 1PM Pacific.

I have patched my machines already.

and posted this as a heads-up for folks on DU.

Not that there are not patches uploaded on Apples, but it seems that the exploitation of security holes is much more in the PC world...

:popcorn:

:tinfoilhat:

Thats not true, Apples software has always required far more patches than Linux or Windows.

Mac OS X Patch Day
http://blogs.zdnet.com/security/?p=2017

:eyes:

That seriously is the first I have ever heard of this, so I clicked on the link you offered and there was nothing there to back up what you just stated. You linked to a indepth description of one of Apple's their security patches....

I use both operating systems and by far, Windows is much much much more vulnerable than my OS X operating system. I still have never had a virus, trojan horse or any other problem and I have used an Apple computer for over 10 years. Just sayin'....

http://www.technewsworld.com/story/33293.html

"Apples software has always required far more patches than Linux or Windows"

http://www.apple.com/support/downloads

Huge iPhone Security Flaw Puts All Private Information at Risk
http://gizmodo.com/5042332/huge-iphone-security-flaw-puts-all-private-information-at-risk

Apple preps fifth Leopard update with more than 80 patches
http://www.tgdaily.com:80/content/view/38701/140

Apple fixes 70 issues with Mac OS X 10.5.3 update
http://www.macworld.com/article/133634/2008/05/osupdate.html?t=201

Apple patches 11 QuickTime bugs in year's third update
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9074559&intsrc=news_ts_head

Nearly 100 fixes planned for Apple's second Leopard update
http://www.appleinsider.com/articles/08/01/21/nearly_100_fixes_planned_for_apples_second_leopard_update.html

Gone in 2 minutes: Mac gets hacked first in contest
http://www.itworld.com/mac-hacked-first-in-contest-080327

:eyes:

I asked if you could back up the claim but you just disengenuously tried once again to provide examples of patches and updates.... that proves what? That there ARE patches and updates for APPLE? And???? Very good.... now where is your proof to back up your claim that Apple is less secure than Windows....? No Sophistry either....

Oh and I can post emoticons too... see..... :spray:

Just for the heck of it... I will add another link to support my claim:

http://www.pcpro.co.uk/news/65331/os-x-is-worlds-most-secure-operating-system-report-concludes.html

I know some people love their PC's and Macs but be friking honest. It's a fricking tool that you use to get what you need done on a daily basis. What ever works, good for you, just be honest... you are getting nothing from WIndows for BS about Apple's OS X.

You have posted nothing to back up your Biased opinion.

:evilgrin:

weird. Must means tons to you to lie about an operating system. Hopefully Windows pays you.

is much much much more vulnerable than OS X, but you don't offer any proof to back It up.

An old PC Pro Article from November 2004 Is not going to cut It buddy, and you accuse me of "SOPHISTRY"

From 2008
Gone in 2 minutes: Mac gets hacked first in contest
http://www.itworld.com/mac-hacked-first-in-contest-080327

:rofl:

I link to two refuting your claim, twice... can you FIND an article that states, "Windows more secure than OS X"

It doesn't have to state that word for word, but I think you can afford a few brain cells. You've proven you have enough brains to bullshit yourself.

Yes, I will claim both: OS X is more secure than Windows and that you do use and have used sophistry in this argument, because you can't back up your statement that WIndows is more secure than OS X.

If I just linked to examples or patch description for WIndows, this thread would be locked for being too long. All you are doing is pointing to examples and then stating OS X is less secure, yet I linked to two articles refuting your sophist attempt in lying about WIndows being more secure.

Actually it doesn't really matter. Once again... weird and creepy attempt to just appear to win an argument. Have a nice evening...

When you Mac people can not make a valid argument, you resort to personal Insults.

On Edit
I could post several articles stating that Windows Is more secure than OS X, you could post several articles stating that OS X Is more secure than Windows.

But who cares about opinion articles, It's real life facts that matter.
Gone in 2 minutes: Mac gets hacked first in contest
http://www.itworld.com/mac-hacked-first-in-contest-080327

:rofl:

Cut it out, both of you.

System wars are meaningless. The fact of the matter is no OS is ironclad, not even Linux. Security and stability almost always boils down to the end user (or network engineer/administrator in business settings). I have seen Apache hacks, IIS hacks, Apple OS X Server hacks, MSIE hacks and Safari hacks. The belief that Mac OS X is somehow insulated from malicious code simply because it's Mac OS X is misguided.

OS's are nothing more than personal preference. I prefer Leopard OS X 10.5.5 but I use Vista Ultimate 32-bit just as much as I use Mac OS X. Both of them are stable and secure but both of them are equally susceptible to malicious attacks.

Excuse me, but I am free to express my opinion on this forum.

This Is a liberal forum, Is It Not?

:)

I'm just sayin' the whole OS wars thing is silly.

(Did you notice how I slyly sided with you though by saying the Mac OS X belief is misguided?) :P

Only one person on the planet has been this anti-Mac obsessed!

:rofl:

GS/OS rocks!

http://en.wikipedia.org/wiki/GS/OS

If apple is safer, it is only because there are fewer mac users. There was a hack-test recently, where hackers broke into each operating system. It took them ages to get into linux and vista, but only four minutes for the latest mac OS.

When I used Windows, there were updates and patches all the freaking time. Not so with Mac. I'll never go back to Windoze...

to try and dispute the facts.

:evilgrin:

I shutter to think about it!

All operating systems have enormous numbers of flaws. People who go around thinking that they are free from that because they use a Mac are just deluding themselves. I have worked in computer security for years now and can assure you that there is no OS that is free from flaws - Apple has done a good job at pushing that meme out there, but it simply isn't true. They don't catch as many problems as Windows, but that is far more due to their lack of market share than their attention to security.

http://www.pcworld.com/businesscenter/article/149641/apple_displaces_microsoft_in_patch_reports.html

Funny how so few of them are security-related...

:rofl:

No windows no problems.

to fedora RSA key compromise and Ubuntu required a reinstall of ssh after key generation code was damaged.

Those are big.

I am a big Linux fan and have worked in computer security for years, but I would never go as far as to say there are no problems with it. There are and have been huge security issues with Linux.

While the cnet link claims the patch applies to Vista, this InfoWorld link says only XP:

http://www.infoworld.com/article/08/10/23/Microsoft_to_rush_out_emergency_Windows_patch_1.html?source=NLC-TB&cgd=2008-10-23:

"The flaw is considered to be a less serious risk for users of the Windows Vista and Server 2008 operating systems Microsoft said in an advisory on the issue"

How could so many people with PHDs' have such a shitty operating system with so many holes?

Bill Gates dropped out of college without a degree to found Microsoft.

At least starting with Windows 2000 Server. I have had servers run for years without a reboot, as Linux users like to brag.

These fixes are all potential vulnerabilities found during intensive code review processes. Nobody has actually exploited them, and it would be very difficult to do so especially against a system protected by "...Firewall best practices and standard default firewall configurations," as stated in the actual bulletin.

I'm not going to panic and leave work early to patch my 2003 Server system at home, nor will there be any rush at work to update any of our production systems. Like all other changes, the patch will be tested first to ensure that it doesn't break any of our products, then phased into production in a controlled manner.

I'm a wait and see how many people crash n burn before I install anything MS dishes up. Especially Service Packs of which I normally wait 6 months before even considering it.

I've been using computers before DOS was even born, way back in the late 70's when CP/M was king so I'm lucky enough to have a little better understanding of "how things work" as I was in on the ground floor so-to-speak.

The thing is, if you have a really aggressive firewall like Comodo (god I miss AtGuard)a lot the patches are unnecessary. Always read about the patches before installing and see if they REALLY apply to you (like if you aren't running bluetooth you don't need the bluetoothpatch) and NEVER EVER install that malicious software removal tool no matter how many times they offer it. It's nothing but spyware that reports back to the general whose over at your house.

I don't know for sure, but I'm beginning to think that a lot of these CRITICAL UPDATES are nothing more than backdoors for Homeland Insecurity. When I get off the net I close and lock all the doors coming into my puter.

ZW

There are several enormous attack ongoing on the net at the moment. I have spent too much of my recent days and nights identifying and containing the damages. This particular fix affects all MS after W98, workstation and server and involves code for printer/file sharing, web serving, and such. That means your servers have been a risk. You might see your home PC running a web server or contacting remote printers.

There is also a large DNS poisoning in progress in tandem with massive botnet activation.

There is a related attack on IE and Firefox browsers that is hijacking the URL/URI and Search sending you to fake google.com sites. This one also affects Linux and Mac users on Firefox.

Most of these attacks are also subverting antivirus/antispyware tools like Norton, Adaware, etc. I first noticed a problem on a PC at home when Firefox displaced a Shockwave Flash even though no flash player was installed, I was using Firefox with noscript and flashblock, and the various Flash content types were supposed to go to a catch-all program.

I am posting this using the w3m browser -- text only. (Lynx is a similar program.)

I will post more when I have time.

BTW The system I mostly trust is OpenVMS.

Security Update for Windows XP (KB958644)
Date last published: 10/23/2008
Download size: 633 KB

A security issue has been identified that could allow an unauthenticated remote attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

System Requirements
Recommended CPU: Not specified.
Recommended memory: Not specified.
Recommended hard disk space: Not specified.

How to Uninstall
This software update can be removed via Add or Remove Programs in Control Panel.

Get help and support
http://support.microsoft.com

More information
http://go.microsoft.com/fwlink/?LinkId=130719

:scared:

IIRC, the Diebold TSx actually runs Windows CE.

This explains quite a bit about their reliability...

What is a security flaw?

:sarcasm:

that is a flaw.

And my other OS is Win98SE. Hackers don't seem to give a damn about either system I'm using. :woohoo:

I'm really really interested in educated opinions on this...should I use this update or not?

I'm not overly disposed to trust these people.

There is already one known worm out there that exploits this flaw (Gimmiv.A)

One of the problems with security patches is that as soon as they are announced, it quickly becomes a race between getting the patch out to the vulnerable systems and people trying to write malicious code to take advantage of the flaw. When the patch is released, it becomes fairly easy (via reverse engineering) to discover how to take advantage of the flaw. So even if there are no zero-day exploits for the flaw, there sure as heck are going to be some within 24 hours of the patch being announced.

If you are sat behind a router performing NAT, then you probably have little to worry about. However, if you are on a more exposed network, this is absolutely critical. Either way, it is a best practice to keep up to date with patches such as this.

I promise not to abuse this 'tech support' priviledge, but may I ask you..?

1. what's NAT network something something...I'm a geek but I'm weak on network voodoo

2. my interenet comes through a. the modem b. the router c. a gigabit switch...do I have little to worry about? I hesitate to update with stuff from Micro$oft.

NAT stands for Network Address Translation. In home use, you will often have a single 'routable' IP address assigned to you. If you were to hook your computer directory to the cable modem, then your computer would get this address. Instead, you have a router between your computer and the modem. The router gets that 'routable' address on its outside connection. Then on the inside (where your computer is) it will use a set of 'non-routable' IP addresses for each computer hooked up to it.

One use of this is to share that single routable address amongst several computers. Another use of it is to hide all of the computers on your network behind the router. Basically, there is no way anyone from the outside can initiate a connection directly to your computer. They can talk to your router, but your computer is hidden behind it. You can initiate a conversation from the inside, but they can not start one from the outside. That actually does an amazing amount of good in providing protection for you.

That basically answers your second question as well - chances are that you are safe behind your router. It is possible to configure a router to do "port forwarding" which would basically let people on the outside directly talk to your computer - but that would not be enabled by default. In this particular case, the attack would have to touch a remote procedure call (RPC) port on your computer, and as such it could not get through your router. Also, if you have XP service pack 2, the default settings on the windows firewall should block this type of communication.


So, the short story is if you are just on your network, behind your router, and no other computers are ever on that network, you are fine. However, the long story is that it is always best to practice 'defence-in-depth' and have multiple layers of security.

So - sorry for the long response - I have to justify all the time I spent learning this stuff somehow - but I hope that helps.

Thank you so much. Really smart people hang out at DU.

I do have some port forwarding set in the router, for video conferencing via a small Macintosh. A client brought it over so we could talk during production. I only use it for that. Should I disable it when I'm not using it? Does it constitute a threat?

And thank you so much for the help!

Here's the deal - if you are port forwarding, you have to watch out for any security issues with those ports. So, don't forward anything you don't need - and watch out for anything that attacks that port.

This particular thing is a little odd in that it attacks remote procedure calls - which can be on any of a number of ports.

I would suggest disabling it if you are not using it - it probably isn't a real big risk, but the less open you are, the better off you are.

The port forwarding is only going to the IP address of the little mac...so I suppose somebody could mess with that, but I wouldn't care too much about that. It's just there for the videoconferencing.

But it is connected to the same network switch. Could it possibly become a back door for malware?

And thanks for any answer.

Well, you are probably ok with it as long as it is not forwarding all ports to that mac - if it is, I would probably disable it when not using it - or find out how to forward only the needed ports.

Theoretically speaking, it could become a back door for malware, but realistically speaking, the risk of that is very low. Especially since you are talking two different operating systems. Most attacks are automated and are not going to be so complex as to attack a mac and then look for nearby pc's or something like that.

The mac is turned off right now anyway, but I think I'll turn off that port forwarding when it's not in use.

Thanks again! Man DU is great

And why I was constantly losing my internets connection! I hope the patch hasn't screwed that up!

I'm using Vista 64 on a machine I built specifically for it and have been happy with it. I went through three betas of Vista and for my machine, it's rock solid. The updates are automatic on my machine and there's always the choice to restore your system.

I do keep backups and clones of my disks though for a "just in case" something slips through my security or of massive hardware failure.

As to the which is better, Apple or Windows? I haven't used Apple enough to say. I will say the Apple commercials are getting pretty old and starting to piss me off enough to where I wouldn't buy their product. Also, I like to build my own boxes so price would be a consideration. I'm running a true quad core AMD 9950 OC'd to 3 with 4 Gigs of unganged 1066 DDR2 Ram with 3 8800GTS's (2 in SLI) with two 25" Hanns-G monitors. It would cost me $10K to get a comparable Apple last time I checked. Another cool thing is that with the Asus M3N-HT Deluxe, you can be browsing the internet within 6-7 seconds of powerup (that's without windows and is due to a nice little on-board linux program that loads even before the bios.

The 64bit seems to run smoother than the 32bit one. My HP laptop orininally had the 32bit Vista Home Premium with 3gigs of ram. Added another gig of ram, bought a 200gb 7200rpm hard drive along with an OEM copy of Vista Ultimate 64bit, after install I got the required drivers from HP's website for the specific model of my notebook to get everything running like it was from the factory. Since then its been smooth sailing!

People bitched about XP when it first came out, Vista IMO is no different only it seems to be more stable and reliable.