Windows PCs face ‘huge’ virus threat
Financial Times via Drudge ^ | January 2 2006 18:18 | By Kevin Allison in San Francisco

Posted on 01/02/2006 3:54:03 PM PST by Swordmaker

Computer security experts were grappling with the threat of a new weakness in Microsoft’s Windows operating system that could put hundreds of millions of PCs at risk of infection by spyware or viruses.

The news marks the latest security setback for Microsoft, the world’s biggest software company, whose Windows operating system is a favourite target for hackers.

“The potential [security threat] is huge,” said Mikko Hyppönen, chief research officer at F-Secure, an antivirus company. “It’s probably bigger than for any other vulnerability we’ve seen. Any version of Windows is vulnerable right now.”

The flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week. But the potential for damaging attacks increased dramatically at the weekend after a group of computer hackers published the source code they used to exploit it. Unlike most attacks, which require victims to download or execute a suspect file, the new vulnerability makes it possible for users to infect their computers with spyware or a virus simply by viewing a web page, e-mail or instant message that contains a contaminated image.

“We haven’t seen anything that bad yet, but multiple individuals and groups are exploiting this vulnerability,” Mr Hyppönen said. He said that every Windows system shipped since 1990 contained the flaw.

Microsoft said in a security bulletin on its website that it was aware that the vulnerability was being actively exploited. But by early yesterday, it had not yet released an official patch to correct the flaw. “We are working closely with our antivirus partners and aiding law enforcement in its investigation,” the company said. In the meantime, Microsoft said it was urging customers to be careful opening e-mail or following web links from untrusted sources.

Meanwhile, some security experts were urging system administrators to take the unusual step of installing an unofficial patch created at the weekend by Ilfak Guilfanov, a Russian computer programmer.

Concerns remain that without an official patch, many corporate information technology systems could remain vulnerable as employees trickle back to work after the holiday weekend.

“We’ve received many e-mails from people saying that no one in a corporate environment will find using an unofficial patch acceptable,” wrote Tom Liston, a researcher at the Internet Storm Center, an antivirus research group. Both ISC and F-Secure have endorsed the unofficial fix.

Microsoft routinely identifies or receives reports of security weaknesses but most such vulnerabilities are limited to a particular version of the Windows operating system or other piece of Microsoft software. In recent weeks, the company has been touting its progress in combating security threats.

The company could not be reached on Monday for comment.


TOPICS: Extended News; Technical
KEYWORDS: backdoor; exploit; getamac; internetexploiter; lookoutexpress; lowqualitycrap; malware; microsoft; patch; security; securityflaw; spyware; trojam; trojan; userfriendly; virus; virusbait; viruses; vulnerability; windows; wmf; worm
To: PetiteMericco
I refer you back to my post above #134. If you want to talk about Occam's Razor, you might consider the fact that perhaps it is a lot harder to write a successful virus for Linux and/or OSX than it is for MS-Windows. As has been pointed out several times on this thread, there are plenty of potential systems out there to attack, and if it were as easy as it apparently is for MS-Windows, you would find at least one of them out there. The simplest answer to the question is that it is, in fact, much more difficult, which is why we don't see any.
181 posted on 01/03/2006 8:42:56 AM PST by zeugma (Warning: Self-referential object does not reference itself.)
[ Post Reply | Private Reply | To 155 | View Replies]

To: Swordmaker

It hasn't been shot down at all. There's virus protection for BSD systems, which would be totally unnecessary if Mac OSX and BSD were immune. I know; I run BSD networks at home and work.

But then again, I've never had a virus problem on Windows.


182 posted on 01/03/2006 8:43:35 AM PST by 1L
[ Post Reply | Private Reply | To 28 | View Replies]

To: PetiteMericco
Hm, you can't exactly brag about doing something illegal like writing viruses when the bragging will send you to jail.

Are you really so disconnected from reality that you don't realize that sociopathic criminals care about the "respect" they get from other sociopathic criminals, and don't give a damn about the opinions of normal people?

183 posted on 01/03/2006 8:55:59 AM PST by steve-b (A desire not to butt into other people's business is eighty percent of all human wisdom)
[ Post Reply | Private Reply | To 138 | View Replies]

To: Swordmaker

MAC


184 posted on 01/03/2006 8:56:57 AM PST by Casloy
[ Post Reply | Private Reply | To 1 | View Replies]

To: 1L
There's virus protection for BSD systems, which would be totally unnecessary if Mac OSX and BSD were immune.

Sure... there are companies making virus protection software for Mac OSX as well... and it does a good job of removing WINDOWS viruses from email and it will also identify WINDOWS viruses in WINDOWS executables... and they have definition files for the fewer than 100 virii that could infect a pre-OSX Mac but that have no impact at all on an OSX Mac. These Mac anti-virus apps also have a couple definitions for the one or two "proof of concept" Trojans that were created for OSX by the Mac anti-virus publishers (but never found in the wild)... but the only Mac users who run them do so as a courtesy to their WINDOWS using friends to catch an occasional WINDOWS virus laden email they might inadvertently forward to them.

In other words, 1L, I could put up anti-zebra umbrellas over my garden to protect my garden against zebras falling from the sky, but the mere existence of my anti-zebra umbrellas is no proof that there are zebras falling from the sky.

Did UNIX have malware? Yes. Is it a problem today? No... because the vulnerabilities of the open source code were closed almost as fast as they were revealed. The protections against those malware are now incorporated into the underlying operating system. This development and hardening of the OS has been going on for over 35 years.

Is Windows still vulnerable to most of the 100,000 plus viruses that were created to plague it? No. Protections for 95% of those are also now built into the OS... but it is TOO EASY for a script kiddie to write new malware for Windows.

But then again, I've never had a virus problem on Windows.

You know, I have Windows XP machines running right here, and I also have never had an infection either... but my business clients certainly have had and do get infected (Fewer now with XP, but I will be busy this week applying patches for their Windows machines for this exploit... and then go back and reactivate the stuff that gets turned off when MS finally gets an official patch out). You and I know what to do and what not to do to keep our Windows machines clean... but the malware is not a problem for users like us... it is a problem and a fear for Mom and Pop and 90% of the rest of Windows users. A lot of those Mom and Pop users have given up and packed up their computers and stuffed them in the closet or given them away in frustration.

I also have Mac users in businesses and I have NEVER had to clean spyware, adware, or viruses off of even one of their Macs. They lose no productive time to the myriad issues that can plague a Windows box... they don't even have to let their machines download, install, and run updates to the non-installed anti-malware applications they DON'T HAVE TO RUN... and they don't have to accept the performance hit that all those multiple anti-apps demand from their machines when they are running. I get called in to see the Mac users only for upgrades and an occasional hardware problem. If they had Windows computers I would see them a lot more often and make a lot more money from them.

185 posted on 01/03/2006 9:24:07 AM PST by Swordmaker (Beware of Geeks bearing GIFs.)
[ Post Reply | Private Reply | To 182 | View Replies]

To: Mannaggia l'America
No, it's in the DLL that displays .wmf files, not .wmv (Windows Movie). .wmf files are Windows Metafile files, which are basically image files, mostly used for clip art, rarely on legitimate web pages.

It's possible for a file with any extension to exploit this security hole:

From the SANS WMF Exploit FAQ:

Should I just block all .WMF images?

This may help, but it is not sufficient. WMF files are recognized by a special header and the extension is not needed. The files could arrive using any extension, or embedded in Word or other documents.


186 posted on 01/03/2006 9:35:47 AM PST by steve-b (A desire not to butt into other people's business is eighty percent of all human wisdom)
[ Post Reply | Private Reply | To 30 | View Replies]

To: Swordmaker

My point is that there isn't anything inherent in the Mac OSX that prevents or eliminates viruses. To some extent Mac does benefit from the open source foundation of its system, but that's a plug for BSD, not for Mac.

So the argument that no one writes viruses for Mac, even if harder to do, because of the lack of widespread deployment is still true and hasn't been debunked. You can't assume that because none of your business clients that use macs don't have problems now, that they wouldn't have problems if Mac OSX owned 90% of the market. There's no way to test that, so unless there are inherent barriers in the OS, which there aren't, problems would happen on that platform if it had a larger market.

We've been over this before -- at least 3 times. Comparing a Mac G5 to an entry-level Dell is idiotic. Both I, and every Mom and Pop in America, can spend 75% of what a Mac costs on a custom built PC with great components and simple protection software that's easy to use, and have all the benefits of a Mac without all of the incompatibilities.


187 posted on 01/03/2006 9:50:00 AM PST by 1L
[ Post Reply | Private Reply | To 185 | View Replies]

To: Decepticon
Errr, I thought the flaw was in .wmv files, quit downloading porn and music files until the patch comes out.....problem solved.

Not hardly.

"Unlike most attacks, which require victims to download or execute a suspect file, the new vulnerability makes it possible for users to infect their computers with spyware or a virus simply by viewing a web page, e-mail or instant message that contains a contaminated image."

188 posted on 01/03/2006 10:09:43 AM PST by houeto (Mr. President, close our borders now!)
[ Post Reply | Private Reply | To 16 | View Replies]

To: Decepticon
quit downloading porn and music files until the patch comes out.....problem solved

Nope. The exploit can be conveyed by simply viewing an image containing malicious code and a WMF header (the file need not have a .WMF extension on the name). Some DUmpster troll could post a trojan-horse image on this very thread, and you'd get hit just by reading it.

189 posted on 01/03/2006 11:31:22 AM PST by steve-b (A desire not to butt into other people's business is eighty percent of all human wisdom)
[ Post Reply | Private Reply | To 16 | View Replies]

To: 1L
My point is that there isn't anything inherent in the Mac OSX that prevents or eliminates viruses.

That statement is simply untrue.

Unlike Windows, the inherent design of Mac OS X is intended to prevent malware from getting installed. So far, the hackers have failed in every attempt to spread a Mac virus, even though most Mac users don't use anti-virus software.

190 posted on 01/03/2006 12:27:29 PM PST by HAL9000 (Get a Mac - The Ultimate FReeping Machine)
[ Post Reply | Private Reply | To 187 | View Replies]

To: HAL9000

What, specifically, is in OSX to make it virus proof?


191 posted on 01/03/2006 1:03:21 PM PST by 1L
[ Post Reply | Private Reply | To 190 | View Replies]

To: 1L
What, specifically, is in OSX to make it virus proof?

Several details about the secure architecture of Mac OS X are available here - securityawareness.blogspot.com. Microsoft could have implemented the same measures, but didn't.

The next generation of Macs will have even more security features - for example, a patented new method to prevent code from being tampered with.

192 posted on 01/03/2006 1:31:56 PM PST by HAL9000 (Get a Mac - The Ultimate FReeping Machine)
[ Post Reply | Private Reply | To 191 | View Replies]

To: HAL9000

The article does NOT support your assertion that "the inherent design of Mac OS X is intended to prevent malware from getting installed." To the extent there are any inherent designs, it is the BSD core and not the Apple overlaid GUI that creates the inherency. Anyone can download and install on a 486 that core. Besides, malware wasn't really much of an issue when OSX came out, and especially when it was in the design phase. It didn't become a great issue until broadband took off on the home desktop.


193 posted on 01/03/2006 2:52:27 PM PST by 1L
[ Post Reply | Private Reply | To 192 | View Replies]

To: Swordmaker

194 posted on 01/03/2006 3:08:18 PM PST by Uri’el-2012 (Trust in the YHvH for ever, for the LORD, YHvH is the Rock eternal. (Isaiah 26:4))
[ Post Reply | Private Reply | To 185 | View Replies]

To: Swordmaker

"The internet is going to be a might plain looking place without any graphics..."

My understanding is that this vulnerability is in WMF graphics, which are an oddball format that only Winblows supports.

Turn off WMF support.


195 posted on 01/03/2006 3:10:37 PM PST by BeHoldAPaleHorse (MORE COWBELL! MORE COWBELL! (CLANK-CLANK-CLANK))
[ Post Reply | Private Reply | To 3 | View Replies]

To: mysterio
In other news, water is wet, the sky is blue, and women are hard to understand sometimes.

Sometimes????

196 posted on 01/03/2006 3:13:35 PM PST by Petruchio ( ... .--. .- -.-- / .- -. -.. / -. . ..- - . .-. / .. .-.. .-.. . --. .- .-.. / .- .-.. .. . -. ...)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Rodney King

"I'd buy a Mac, but I'm not gay."

I have a Mac, but I don't use it because I hate the interface... AND... I'm not gay.

I am, however, geeky enough to use my Linux box from time to time. Gnome Mahjong is addictive. Open Office sux.


197 posted on 01/03/2006 3:17:47 PM PST by Poser (Willing to fight for oil)
[ Post Reply | Private Reply | To 157 | View Replies]

To: BeHoldAPaleHorse

My understanding is that, because of the way Windows core components operate, the exploit can be enclosed in any sort of image file--JPEG or GIF, for example.


198 posted on 01/03/2006 3:23:55 PM PST by dinodino
[ Post Reply | Private Reply | To 195 | View Replies]

To: BeHoldAPaleHorse
My understanding is that this vulnerability is in WMF graphics, which are an oddball format that only Winblows supports. Turn off WMF support.

That won't protect you -- Windows recognizes any file with a certain header within the file as a WMF and processes it accordingly even if the file name doesn't end in ".WMF".

199 posted on 01/03/2006 4:30:56 PM PST by steve-b (A desire not to butt into other people's business is eighty percent of all human wisdom)
[ Post Reply | Private Reply | To 195 | View Replies]
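
Added example (not part of the thread or of the SANS FAQ quoted in it): a content-based check of the kind a mail or proxy filter needs, since posts 186 and 199 point out that Windows identifies a WMF by its header rather than by the file name. The header values are taken from the published WMF format, not from this page; the file names and sample bytes are constructed, benign empty metafiles.

```python
import struct

PLACEABLE_KEY = 0x9AC6CDD7  # placeable-WMF magic; bytes D7 CD C6 9A on disk

def wmf_kind(data: bytes):
    """Classify by content only: 'placeable', 'standard', or None."""
    if len(data) >= 4 and struct.unpack_from("<I", data)[0] == PLACEABLE_KEY:
        return "placeable"
    if len(data) >= 18:
        ftype, header_words, version = struct.unpack_from("<HHH", data)
        # META_HEADER: type 1 (memory) or 2 (disk), 9-word header, version 1.0 or 3.0
        if ftype in (1, 2) and header_words == 9 and version in (0x0100, 0x0300):
            return "standard"
    return None

def scan(files):
    """Return {name: (kind, disguised)} for every file whose content is a WMF.
    'disguised' is True when the extension is not .wmf, which is the case
    an extension-only block list misses."""
    hits = {}
    for name, data in files.items():
        kind = wmf_kind(data)
        if kind:
            hits[name] = (kind, not name.lower().endswith(".wmf"))
    return hits

# Constructed samples: an empty metafile is an 18-byte header plus a META_EOF record.
STD_WMF = struct.pack("<HHHIHIH", 1, 9, 0x0300, 12, 0, 3, 0) + struct.pack("<IH", 3, 0)
# 22-byte placeable header (checksum left at 0; this example does not validate it).
PLACEABLE_HDR = struct.pack("<IHhhhhHIH", PLACEABLE_KEY, 0, 0, 0, 100, 100, 1440, 0, 0)
SAMPLES = {
    "clipart.wmf": PLACEABLE_HDR + STD_WMF,
    "holiday.jpg": STD_WMF,                    # WMF content behind a .jpg name
    "report.doc.gif": PLACEABLE_HDR + STD_WMF, # WMF content behind a .gif name
    "photo.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 16,  # JPEG magic
    "notes.txt": b"Windows Metafile notes, plain text only.",
}

if __name__ == "__main__":
    for name, (kind, disguised) in scan(SAMPLES).items():
        print(f"{name}: {kind} WMF{' (extension mismatch)' if disguised else ''}")
```

A header check like this only covers standalone files; a metafile embedded inside a Word or other document, which the FAQ also mentions, needs the container to be unpacked first.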

To: steve-b; All

OK, so I ran the fix from hexblog and rebooted.

But when I ran their detection tool afterwards, I still got the bad news.

"Your system is vulnerable to WMF exploits".


200 posted on 01/04/2006 4:54:33 AM PST by Westbrook (Having more children does not divide your love, it multiplies it!)
[ Post Reply | Private Reply | To 199 | View Replies]

