Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: [News] Crackers Outpace Microsoft, New Vulnerability Abound. Linux Provides Fewer and Immediate Patches for Less Severe Bugs

On Fri, 13 Oct 2006 16:52:29 -0500, Erik Funkenbusch wrote:

> On Fri, 13 Oct 2006 21:56:16 +0100, Roy Schestowitz wrote:
> 
>> Hackers Stepping Up Pace of Microsoft Exploits
>> 
>> ,----[ Quote ]
>>| The cat-and-mouse game that Microsoft Corp. and hackers have been playing
>>| for years escalated this week, just as the software giant was addressing
>>| some of the biggest problems facing computer users.
>>| 
>>| On Tuesday, the company released a record 26 security fixes for the
>>| Windows operating system and the widely used Office programs such as
>>| Word, Excel and Outlook. Yesterday, hackers pounced again, posting on
>>| the Internet information about vulnerabilities in PowerPoint 2003, one of
>>| the Office programs widely used by business customers and increasingly
>>| used by students.
>> `----
>> 
>> http://www.washingtonpost.com/wp-dyn/content/article/2006/10/12/AR2006101201744.html
>> 
>> The usual day-after-patch (Wednesday) exploit:
>> 
>> PoC published for MS Office 2003 PowerPoint
>> 
>> ,----[ Quote ]
>>| I wanted to let you know that we've been made aware of proof of concept
>>| code published publicly affecting Microsoft Office 2003 PowerPoint. We
>>| are currently investigating this report. The reported proof of concept
>>| may allow an attacker to execute code on a user?s machine by convincing
>>| them to open a specially-crafted PowerPoint file. We are not aware of
>>| any attacks attempting to use the reported vulnerability or of customer
>>| impact at this time. 
>> `----
>> 
>> http://blogs.technet.com/msrc/archive/2006/10/12/poc-published-for-ms-office-2003-powerpoint.aspx
>> 
>> The release of Windows Vista, even if (hypothetically speaking) it got
>> embraced fully over time, would be no remedy. Links follow.
>> 
>> 
>> Windows kernel protection expected to break soon
>> 
>> ,----[ Quote ]
>>| PatchGuard, a Microsoft technology to protect key parts of Windows,
>>| will be hacked sooner rather than later, a security expert said Thursday.
>> `----
>> 
>> http://news.zdnet.com/2100-1009_22-6125274.html
>> 
>> Windows Vista: It's More Secure, We Promise
>> 
>> ,----[ Quote ]
>>| Well, allow me to take a moment to remind everyone of something that
>>| you might not remember - XP was also touted as being ultra secure.
>>| Seriously, can anyone honestly look themselves in the mirror and say 
>>| this is the gospel truth? You have got to be kidding me. Similar to
>>| XP, Microsoft promises to have the most secure Windows version to date
>>| yet again.
>> `----
>> 
>> http://www.osweekly.com/index.php?option=com_content&task=view&id=2357&Itemid=449
>> 
>> Perspective: Why Microsoft is wrong on Vista security
>> 
>> ,----[ Quote ]
>>| The net-net is that the user is demonstrably less safe as compared to
>>| during the XP days, when security vendors could use their advanced
>>| behavioral features.
>> `----
>> 
>> http://news.com.com/Why+Microsoft+is+wrong+on+Vista+security/2010-7349_3-6123924.html
>> http://tinyurl.com/fdhzw
>> 
>> IE 7 bugs abound
>> 
>> ,----[ Quote ]
>>| "But browser testers may already be at risk, according to security 
>>| researcher Tom Ferris. Late Tuesday, Ferris released details of a potential 
>>| security flaw in IE 7. An attacker could exploit the flaw by crafting a 
>>| special Web page that could be used to crash the browser or gain complete 
>>| control of a vulnerable system, Ferris said in an advisory on his Web site. 
>>| Microsoft had no immediate comment on Ferris' alert."
>> `----
>> 
>> http://news.com.com/2100-1002_3-6034054.html?part=rss&tag=6034054&subj=news
>> 
>> Black Hat Takes Vista to Task
>> 
>> ,----[ Quote ]
>>| She demonstrated two potential attack vectors. One could allow unsigned
>>| code to be loaded into the Vista kernel. The second vector involved
>>| taking advantage of AMD's Pacific Hardware Virtualization to inject a
>>| new form of super malware that Rutkowska claimed to be undetectable.
>> `----
>> 
>>                 http://www.internetnews.com/security/article.php/3624861
>> 
>> Symantec highlights Windows Vista user vulnerabilities
>> 
>> ,----[ Quote ]
>>| Symantec has shed more light on potential vulnerabilities in Windows
>>| Vista that could circumvent new security measures and leave users
>>| vulnerable to attack.
>> `----
>> 
>> http://www.theregister.co.uk/2006/08/02/symantec_windows_vista_security/
>> 
>> Symantec continues Vista bug hunt
>> 
>> ,----[ Quote ]
>>| After poking around the Windows Vista networking stack, Symantec
>>| researchers have tried out privilege-escalation attacks on an early
>>| version of the Windows XP successor.
>>|
>>| "We discovered a number of implementation flaws that continued to allow
>>| a full machine compromise to occur," Matthew Conover, principal
>>| security researcher at Symantec, wrote in the report titled "Attacks
>>| against Windows Vista's Security Model." The report was made available
>>| to Symantec customers last week and is scheduled for public release
>>| sometime before Vista ships, a Symantec representative said Monday.
>> `----
>> 
>>                 http://news.zdnet.com/2100-1009_22-6097976.html
>> 
>> Six reasons you'll hate networking in Windows Vista
>> 
>> ,----[ Quote ]
>>| Author finds some details 'maddening,' 'brain dead' and 'laughably
>>| rudimentary.'
>> `----
>> 
>> http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9003835&pageNumber=1
>> 
>> Symantec Finds Flaws In Vista's Network Stack
>> 
>> ,----[ Quote ]
>>| Researchers with Symantec's advanced threat team poked through
>>| Vista's new network stack in several recent builds of the
>>| still-under-construction operating system, and found several bugs
>>| -- some of which have been fixed, including a few in  Monday's
>>| release -- as well as broader evidence that the rewrite of the
>>| networking code could easily lead to problems.
>>|
>>| [...]
>>|
>>| Among Newsham's and Hoagland's conclusions: "The amount of new
>>| code present in Windows Vista provides many opportunities for
>>| new defects."
>>|
>>| "It's true that some of the things we found were 'low-hanging
>>| fruit,' and that some are getting fixed in later builds,"
>>| said Friedrichs. "But that begs the question of what else
>>| is in there?"
>> `----
>> 
>> http://www.techweb.com/wire/security/190700049;jsessionid=MWLALDT21M1...
>> 
>> Symantec Says Windows Vista Will be Less Secure than XP
>> 
>> ,----[ Snippet ]
>>| Symantec said earlier last week that there were no viruses for Apple's
>>| OS X.
>> `----
>> 
>>                         http://www.dailytech.com/article.aspx?newsid=3389
>> 
>> Symantec sees an Achilles' heel in Vista
>> 
>> ,----[ Quote ]
>>| Some of Microsoft's efforts to make Windows Vista its most stable and
>>| secure operating system ever could cause instability and new security
>>| flaws, according to a Symantec report.
>>|
>>| [...]
>>|
>>| "Microsoft has removed a large body of tried and tested code and
>>| replaced it with freshly written code, complete with new corner cases
>>| and defects," the researchers wrote in the report, scheduled for
>>| publication Tuesday.
>> `----
>> 
>>                 http://news.zdnet.com/2100-1009_22-6095119.html 
>> 
>> McAfee: Microsoft completely unrealistic on Vista
>> 
>> ,----[ Quote ]
>>| Windows Vista does not ship with antivirus software installed and active,
>>| but for the first time Microsoft will be promoting their own antivirus
>>| service in Windows OneCare. Alex Eckelberry, CEO of Sunbelt Software,
>>| has already called Microsoft's plans predatory based on pricing. McAfee
>>| is focusing its critique on operating system design, arguing instead that
>>| Microsoft's decisions with Vista will simply make the operating system
>>| less secure.
>>| 
>>| In the advertisement, McAfee CEO George Samunek is quoted as saying,
>>| "Microsoft is being completely unrealistic if, by locking security
>>| companies out of the kernel, it thinks hackers won't crack Vista's kernel.
>>| In fact, they already have." The advert continues: "With its upcoming
>>| Vista operating system, Microsoft is embracing the flawed logic that
>>| computers will be more secure if it stops co-operating with the
>>| independent security firms."
>> `----
>> 
>> http://arstechnica.com/news.ars/post/20061002-7875.html
>> 
>> 
>> Cisco exec: Windows Vista is scary
>> 
>> ,----[ Quote ]
>>| "Parts of Vista scare me," Gleichauf said at the Gartner Security Summit
>>| here on Monday. "Anything with that level of systems complexity will have
>>| new threats, as well as bringing new solutions. It's always a struggle
>>| in security, trying to build for what you don't know."
>> `----
>> 
>> http://news.zdnet.com/2100-1009_22-6116823.html
>> 
>> ,----[ Quote ]
>>| "Up to 60% of the code in the new consumer version of Microsoft new Vista
>>| operating system is set to be rewritten as the Company 'scrambles' to fix
>>| internal problems a Microsoft insider has confirmed to SHN... Microsoft has
>>| also admitted that it has major problems in it's Windows division and has
>>| has immediately initiated a total restructure of the division..."
>> `----
>> 
>> 
>> http://www.smarthouse.com.au/Computing/Platforms?Article=/Computing/Platforms/R7G5G6U4
>> 
>> This should motivate everyone to step up and migrate to GNU/Linux. Windows
>> seems like a dead-end project, so better put the money on the stronger
>> stallion. Better sooner than later.
> 
> More reposts upon reposts of the same articles you've posted a dozen times
> before.  
> 
> And I like the quick little blurb that tries to make all this non-Linux
> related content look like it belongs here.

That's his latest tactic.
Post a link that has nothing to do with the subject line then write
something after the link that has nothing to do with what the link is
talking about.

He's a slimy one that Roy!


[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index