Free Republic

Windows PCs face ‘huge’ virus threat
Financial Times via Drudge | January 2 2006 18:18 | By Kevin Allison in San Francisco

Posted on 01/02/2006 3:54:03 PM PST by Swordmaker

Computer security experts were grappling with the threat of a new weakness in Microsoft’s Windows operating system that could put hundreds of millions of PCs at risk of infection by spyware or viruses.

The news marks the latest security setback for Microsoft, the world’s biggest software company, whose Windows operating system is a favourite target for hackers.

“The potential [security threat] is huge,” said Mikko Hyppönen, chief research officer at F-Secure, an antivirus company. “It’s probably bigger than for any other vulnerability we’ve seen. Any version of Windows is vulnerable right now.”

The flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week. But the potential for damaging attacks increased dramatically at the weekend after a group of computer hackers published the source code they used to exploit it. Unlike most attacks, which require victims to download or execute a suspect file, the new vulnerability makes it possible for users to infect their computers with spyware or a virus simply by viewing a web page, e-mail or instant message that contains a contaminated image.

“We haven’t seen anything that bad yet, but multiple individuals and groups are exploiting this vulnerability,” Mr Hyppönen said. He said that every Windows system shipped since 1990 contained the flaw.

Microsoft said in a security bulletin on its website that it was aware that the vulnerability was being actively exploited. But by early yesterday, it had not yet released an official patch to correct the flaw. “We are working closely with our antivirus partners and aiding law enforcement in its investigation,” the company said. In the meantime, Microsoft said it was urging customers to be careful opening e-mail or following web links from untrusted sources.

Meanwhile, some security experts were urging system administrators to take the unusual step of installing an unofficial patch created at the weekend by Ilfak Guilfanov, a Russian computer programmer.

Concerns remain that without an official patch, many corporate information technology systems could remain vulnerable as employees trickle back to work after the holiday weekend.

“We’ve received many e-mails from people saying that no one in a corporate environment will find using an unofficial patch acceptable,” wrote Tom Liston, a researcher at the Internet Storm Center, an antivirus research group. Both ISC and F-Secure have endorsed the unofficial fix.

Microsoft routinely identifies or receives reports of security weaknesses but most such vulnerabilities are limited to a particular version of the Windows operating system or other piece of Microsoft software. In recent weeks, the company has been touting its progress in combating security threats.

The company could not be reached on Monday for comment.


TOPICS: Extended News; Technical
KEYWORDS: backdoor; exploit; getamac; internetexploiter; lookoutexpress; lowqualitycrap; malware; microsoft; patch; security; securityflaw; spyware; trojam; trojan; userfriendly; virus; virusbait; viruses; vulnerability; windows; wmf; worm
To: Cementjungle
What's needed is a proper intrusion-detection system, like this one:

I think you're taking CAT5 too literally. :-)

101 posted on 01/02/2006 5:35:19 PM PST by 6SJ7
[ Post Reply | Private Reply | To 64 | View Replies]

To: Decepticon
Let's see....you don't use a PC, you're a Mac fan and you like to post threads like this just to harangue PC users....does that about cover it?

No. I posted it to inform Windows users that they better do something to prevent the invasion of their computers. I am merely responding to mis-information (FUD if you will) from ignorant (of Macs, that is) Windows users.

102 posted on 01/02/2006 5:36:56 PM PST by Swordmaker (Beware of Geeks bearing GIFs.)
[ Post Reply | Private Reply | To 96 | View Replies]

To: Decepticon; Swordmaker

I am a very careful person (but I can't speak for my wife when I'm not home and she's got the pooter) but I keep finding viruses and trojans in Java. I finally just installed the program and deleted the entire Sun folder until I can find out what's causing the vulnerability. Any ideas?

BTW, my wife downloads a lot of these "cute" games which I'm guessing are java-based. I'm sure this is the culprit but wanted to make sure that there are no other factors involved here.


103 posted on 01/02/2006 5:37:14 PM PST by streetpreacher (If at the end of the day, 100% of both sides are not angry with me, I've failed.)
[ Post Reply | Private Reply | To 59 | View Replies]

To: Decepticon

DOOMED!


104 posted on 01/02/2006 5:37:55 PM PST by Born to Conserve
[ Post Reply | Private Reply | To 75 | View Replies]

To: streetpreacher
BTW, my wife downloads a lot of these "cute" games which I'm guessing are java-based.

What OS are you running? Whatever it is, you need to protect your computer from your wife's proclivities to download "cute" games. I suggest setting her up with a limited user account...

105 posted on 01/02/2006 5:41:16 PM PST by Swordmaker (Beware of Geeks bearing GIFs.)
[ Post Reply | Private Reply | To 103 | View Replies]

To: Swordmaker

XP Home Edition Service Pack 2 (of course). I am going to go PRO but I haven't had the time or desire to back up my files. I once tried a PRO install over a Home install and it was horrible, so I want to do a clean install this time.


106 posted on 01/02/2006 5:46:46 PM PST by streetpreacher (If at the end of the day, 100% of both sides are not angry with me, I've failed.)
[ Post Reply | Private Reply | To 105 | View Replies]

To: streetpreacher
BTW, my wife downloads a lot of these "cute" games which I'm guessing are java-based. I'm sure this is the culprit but wanted to make sure that there are no other factors involved here.

Teach your wife to scan her downloads with Antidote SuperLite. It's a free, on-demand virus scanner.

107 posted on 01/02/2006 5:48:36 PM PST by holymoly ("A lot" is TWO words.)
[ Post Reply | Private Reply | To 103 | View Replies]

To: Swordmaker

The patch from the highly-regarded Ilfak Guilfanov, mentioned in the article, is available at http://www.hexblog.com.

Per the geeks at F-Secure, "Ilfak Guilfanov has published a temporary fix which does not remove any functionality from the system (all pictures and thumbnails continue to work normally). The fix works by injecting itself to all processes loading USER32.DLL. It patches the Escape() function in GDI32.DLL, revoking WMF's SETABORT escape sequence that is the root of the problem. Now, we wouldn't normally blog about a security patch that is not coming from the original vendor. But Ilfak Guilfanov isn't just anybody. He's the main author of IDA (Interactive Disassembler Pro) and is arguably one of the best low-level Windows experts in the world. ...Ilfak recommends you to uninstall this fix and use the official patch from Microsoft as soon as it is available."

This would seem to be a superior and safer temporary patch than the registry hack that's also been recommended.


108 posted on 01/02/2006 5:50:58 PM PST by RightOnTheLeftCoast (You're it)
[ Post Reply | Private Reply | To 1 | View Replies]

bump


109 posted on 01/02/2006 5:56:12 PM PST by csvset
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker
From GRC,

"Windows 98/SE/ME users: Microsoft's original advice to "unregister the shimgvw.dll" (shell image viewer) was never correct or useful on those platforms. The good news is that all current WMF exploits appear to be non-functional on the older Win9x vintage platforms . . . so you will likely be okay until Microsoft has updated your system with the next security patches. There is no short-term workaround for Windows 9x users."
110 posted on 01/02/2006 6:07:06 PM PST by Texas_Jarhead
[ Post Reply | Private Reply | To 23 | View Replies]

To: holymoly
Why couldn't she just right click and scan the exe. file with the anti-virus software I run now (AVG)? And that still won't detect spyware necessarily.
111 posted on 01/02/2006 6:14:27 PM PST by streetpreacher (If at the end of the day, 100% of both sides are not angry with me, I've failed.)
[ Post Reply | Private Reply | To 107 | View Replies]

To: Decepticon

It doesn't matter. The handwriting is on the wall. It's a logical conclusion.


112 posted on 01/02/2006 6:15:36 PM PST by angkor
[ Post Reply | Private Reply | To 86 | View Replies]

To: Swordmaker
No. I posted it to inform Windows users that they better do something to prevent the invasion of their computers.

Yes, it's called Norton Antivirus. Which is much cheaper than spending a crapload of cash for a Mac that's priced twice as much as it's worth and performs a fraction as well as what everyone else on the planet is using.

I am merely responding to mis-information (FUD if you will) from ignorant (of Macs, that is) Windows users.

It looks to me like all you did was make it clear that you paid too much for a POS computer that doesn't do squat. But that's just me.

113 posted on 01/02/2006 6:16:45 PM PST by PetiteMericco
[ Post Reply | Private Reply | To 102 | View Replies]

To: Decepticon
By the way, the site you sent me to about Gibson (and I only cited him because he was cited earlier in this thread), makes the same point that I made to you above: "his crusade has always been a router security issue, not an operating system security issue, and every legitimate router security analyst knows this."

Point is, operating systems are not the issue, whether Windows, OS X, or Linux. Because when exploits can be crafted by script kiddies (or automatons) in large variant numbers with minor differences in exploit code, then the job of routers, firewalls, IDS, and VA becomes more and more onerous. Or they simply break or get raced. There comes a point when their job is *entirely* dependent upon (a) self-generating signature identifications and (b) ASIC-based firewalls or parallel processing platforms. In other words, the existing model of perimeter security models no longer works.

Consequently, the exposure of *all* operating systems becomes more problematic over time.

I don't know why you're arguing the point, every firewall and IDS vendor and security person I know accepts that evolution.

114 posted on 01/02/2006 6:31:48 PM PST by angkor
[ Post Reply | Private Reply | To 86 | View Replies]

To: streetpreacher
Why couldn't she just right click and scan the exe. file with the anti-virus software I run now (AVG)? And that still won't detect spyware necessarily.

Back when I was running Norton as my full-time AV, I downloaded an infected zip file. Norton missed it. A manual scan with Antidote found it.

I now run AntiVir. I still double-check all downloads with Antidote.

Just a thought.

115 posted on 01/02/2006 6:33:11 PM PST by holymoly ("A lot" is TWO words.)
[ Post Reply | Private Reply | To 111 | View Replies]

To: RightOnTheLeftCoast
This would seem to be a superior and safer temporary patch than the registry hack that's also been recommended.

Thanks... that info will be invaluable to a lot of Windows XP users.

116 posted on 01/02/2006 6:38:14 PM PST by Swordmaker (Beware of Geeks bearing GIFs.)
[ Post Reply | Private Reply | To 108 | View Replies]

To: Laserman
"Reminds me one more time why I love my Mac!"

Please.....don't be so naive to think if there was no Microsoft these crabs wouldn't be infecting Macs. They are only looking to do damage to whoever is on top.

117 posted on 01/02/2006 6:41:57 PM PST by Shamrock-DW
[ Post Reply | Private Reply | To 6 | View Replies]

To: PetiteMericco
It looks to me like all you did was make it clear that you paid too much for a POS computer that doesn't do squat. But that's just me.

Thank you for volunteering your Mac ignorance to make my point for me.

It might be of interest to some on FreeRepublic that InfoWorld has just awarded Apple the InfoWorld 2006 Tech Awards for:

Best Workstation (Apple Macintosh Quad G5)

Best Operating System - Client (Macintosh OSX.4 Tiger)

Best Operating System - Server (Macintosh OSX.4 Server)

But that's just them... one of the top journals for IT professionals in the World.

118 posted on 01/02/2006 6:46:46 PM PST by Swordmaker (Beware of Geeks bearing GIFs.)
[ Post Reply | Private Reply | To 113 | View Replies]

To: Swordmaker
Thank you for volunteering your Mac ignorance to make my point for me.

Hm, ignorance is spending $1999 for a Mac when I can build a computer for $600 that will do everything a Mac does PLUS play games.

119 posted on 01/02/2006 6:58:45 PM PST by PetiteMericco
[ Post Reply | Private Reply | To 118 | View Replies]

To: PetiteMericco
Hm, ignorance is spending $1999 for a Mac when I can build a computer for $600 that will do everything a Mac does PLUS play games.

Macintosh: When you're through playing games.

120 posted on 01/02/2006 7:00:04 PM PST by SlowBoat407 (The best stuff happens just before the thread snaps.)
[ Post Reply | Private Reply | To 119 | View Replies]

