Posted on 01/02/2006 3:54:03 PM PST by Swordmaker
Computer security experts were grappling with the threat of a new weakness in Microsoft's Windows operating system that could put hundreds of millions of PCs at risk of infection by spyware or viruses.
The news marks the latest security setback for Microsoft, the world's biggest software company, whose Windows operating system is a favourite target for hackers.
"The potential [security threat] is huge," said Mikko Hyppönen, chief research officer at F-Secure, an antivirus company. "It's probably bigger than for any other vulnerability we've seen. Any version of Windows is vulnerable right now."
The flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week. But the potential for damaging attacks increased dramatically at the weekend after a group of computer hackers published the source code they used to exploit it. Unlike most attacks, which require victims to download or execute a suspect file, the new vulnerability makes it possible for users to infect their computers with spyware or a virus simply by viewing a web page, e-mail or instant message that contains a contaminated image.
"We haven't seen anything that bad yet, but multiple individuals and groups are exploiting this vulnerability," Mr Hyppönen said. He said that every Windows system shipped since 1990 contained the flaw.
Microsoft said in a security bulletin on its website that it was aware that the vulnerability was being actively exploited. But by early yesterday, it had not yet released an official patch to correct the flaw. "We are working closely with our antivirus partners and aiding law enforcement in its investigation," the company said. In the meantime, Microsoft said it was urging customers to be careful opening e-mail or following web links from untrusted sources.
Meanwhile, some security experts were urging system administrators to take the unusual step of installing an unofficial patch created at the weekend by Ilfak Guilfanov, a Russian computer programmer.
Concerns remain that without an official patch, many corporate information technology systems could remain vulnerable as employees trickle back to work after the holiday weekend.
"We've received many e-mails from people saying that no one in a corporate environment will find using an unofficial patch acceptable," wrote Tom Liston, a researcher at the Internet Storm Center, an antivirus research group. Both ISC and F-Secure have endorsed the unofficial fix.
Microsoft routinely identifies or receives reports of security weaknesses but most such vulnerabilities are limited to a particular version of the Windows operating system or other piece of Microsoft software. In recent weeks, the company has been touting its progress in combating security threats.
The company could not be reached on Monday for comment.
Since it's a vulnerability built into the GDI, which is the graphics interface, it would probably not matter what program actually displays the infected image file.
Mark
Must be hard on your mouse.
Or, if you don't feel like upgrading.
http://www.ugo.com/channels/games/features/switch/media/switch.mov
jpgs, gifs, bmps are all possible carriers. Just going to a web site could possibly infect your computer.
Mark
What's throwing you off about the term? "Publish" in this context means nothing more than distributing. They can make a download available via a website or Bittorrent, and that counts as publishing.
Sorry, I don't play games... and my G5 did not cost me $1999.
Just more ignorance from someone who has never really used a Mac... probably never even touched one.
A good thing for you, because if you wanted to, you'd have to build a PC--like everyone else on the planet.
and my G5 did not cost me $1999.
It will when you have to throw it in the trash and buy a new one when the technology becomes outdated.
Sorry, Mac Fanboy--every public school in the US uses Mac. So yes, I learned how to use one. Too bad it's now wasted knowledge in my brain.
Well, considering there are probably only five Windows PCs in the entire world that aren't already laden with viruses and spyware, how much difference can this make?
LOL
How is this in relation to the HTML standards? If it goes back to Pre-95 Windows, this could be a serious flaw which could eventually be used to affect other OSs developed since then.
Sorry, Petite, but unless you graduated from public school in the last four years, you have not used Macintosh OSX. And even then I doubt it.
There is NO relationship between OSX and its predecessors other than name. Keep demonstrating your ignorance. Shall I base my opinion of Windows XP on Windows 95? or even Windows 98?
I have not denigrated you by calling you names... but you immaturely insist on using slurs such as "Mac Fan Boy" in your posts to me. I assure you I am a long way from a "boy" and I make my living working on your vaunted PCs, fixing the numerous ailments they come down with. Intimate involvement with PCs for over 22 years has taught me far more of their shortcomings than your posts ever will. Nor will your postings change my mind about the relative merits of Windows and Macintosh... because I am not ignorant of either platform... because, by spouting myths, you keep demonstrating you do not have the experience with Macintosh to qualify to have an opinion.
Absolutely NOT true. Sites like FreeRepublic could easily become vectors for this type of attack. Any troll from DU could post an image that was infected. The preceding image is not, to the best of my knowledge, infected, but there is nothing stopping such a troll from posting a link here, and *poof*, you're infected (if you're running Windows and IE).
I just knew if I scrolled down this thread a while, I'd see exactly this bit of fud thrown out.
Fortunately, I have a reply that I've previously written to counter this silly FUD.
Oh, I don't know. Perhaps as someone else already said on this thread, it might be done for the bragging rights of having created the first successful virus/worm to attack Macs.
I've seen this charge that the small market share that Mac and Linux have is what keeps them safe. It is repeated often enough and seems reasonable enough until you actually look at the history of some other worms/viruses.
Consider: the spread of the Witty Worm.
Quoth the poster:
Witty infected only about a tenth as many hosts than the next smallest widespread Internet worm. Where SQL Slammer infected between 75,000 and 100,000 computers, the vulnerable population of the Witty worm was only about 12,000 computers. Although researchers have long predicted that a fast-probing worm could infect a small population very quickly, Witty is the first worm to demonstrate this capability. While Witty took 30 minutes longer than SQL Slammer to infect its vulnerable population, both worms spread far faster than human intervention could stop them. In the past, users of software that is not ubiquitously deployed have considered themselves relatively safe from most network-based pathogens. Witty demonstrates that a remotely accessible bug in any minimally popular piece of software can be successfully exploited by an automated attack.
I suspect there are more than 12,000 Linux and/or Mac hosts out there on the internet.
Also, consider that the folks who were hit with this were also among the more security-conscious users:
The vulnerable host population pool for the Witty worm was quite different from that of previous virulent worms. Previous worms have lagged several weeks behind publication of details about the remote-exploit bug, and large portions of the victim populations appeared to not know what software was running on their machines, let alone take steps to make sure that software was up to date with security patches. In contrast, the Witty worm infected a population of hosts that were proactive about security -- they were running firewall software. The Witty worm also started to spread the day after information about the exploit and the software upgrades to fix the bug were available.
Show me a successful worm/virus against Macs and I'll listen. Until then, your talking point is FUD.
And I don't intend to, either. Because you see, my PC does everything your Mac does, twice as fast and at a fraction of the cost--and with the truckload of cash I saved, I can buy a plasma screen TV.
Have a nice day.
Slur? Was something I said about your seemingly inordinate attachment to an overpriced teal plastic boat anchor factually incorrect?
Yes. Windows users live on the good graces of hackers. We are so lucky that the vast majority of worms and viruses so far have been much more intent on spreading than actually causing harm.
It's a frightening thought actually.
Hm, you can't exactly brag about doing something illegal like writing viruses when the bragging will send you to jail.
Duh.
Duh.
You do among a community of fellow punks, delinquents, hackers and code kiddies who think it's just "swell" to bring down commerce, defense, and health care systems.
Duh.
If you look at the history of such things, you'll find that swordmaker, and others who regularly post on these tech threads also post for vulnerabilities in open source software as well. The idea is to let people know the vulnerabilities exist, so they can take appropriate actions.