Tim Mullen, 2004-09-07
Eager to tarnish Microsoft's shiny new Service Pack 2, the security press managed to spin the most thin and marginal issues into "gaping holes" and "security craters."
Feast of Egos
2004-09-08
Todd Knarr (2 replies)
I have to agree with you about most of the coverage of SP2 "holes" being overblown. Much of the hoopla boils down to the firewall doing its job. It blocks incoming connections by default. It's supposed to do that. The problem isn't that it's doing it, it's that there's so many critical applications...
Feast of Egos
2004-09-09
Troll (2 replies)
I have to agree with the original article regarding the "command shell not being zoneID aware" that it is NOT a vulnerability.
Think about it - what was this trying to protect? It's trying to prevent easily dropped files from being easily executed on a system. Introducing a clueless user to the...
Feast of Egos
2004-09-10
Todd Knarr (2 replies)
Running a program via the command prompt is trivial: drag the program on top of the command-prompt icon and drop it. As I said, users are already known to be willing and able to jump through more hoops than that to run malware. If you want to protect users you need to be at least current with the cu...
Feast of Egos
2004-09-13
Anonymous
There's a very good reason for the CMD program to not use the new file execution APIs (the ones that check origin of files): if they did, the majority of administrative scripts in use today would be broken. Admins use these scripts counting on them to run unattended (either as a scheduled job, or a...
Feast of Egos
2004-09-14
Angus (1 replies)
Bingo. And consider the number of emails you receive giving step by step directions. Has anyone experienced the Virus Hoaxes that make you delete things like sulfnbk.exe? Anyone know any mindless users who followed directions on it? I know lots, and what would stop a virus writer to put those st...
Feast of Egos
2004-09-16
Anonymous
Not sure what you mean by "a security feature" but it sounds like you are agreeing with the original post about the cmd prompt zone awareness being a security "problem" (not feature.)
It is not, for the very reasons you state. If the user is going to follow those detailed instructions, then the...
Feast of Egos
2004-09-08
Anonymous
While I agree that there seems to be a lot of hunting for "BIG SECURITY HOLE"; the issue is the same as always. It could have been much better. The trouble is that nearly everybody who uses a computer has no idea what they are doing. They need to be protected from their own ignorance. Microsoft coul...
Feast of Egos
2004-09-08
Mat, CISSP
Microsoft are getting it right! XP and SP2 have a positive impact in the battle to achieve Information Security.
There, I've said it.
The security media focus should be on de-glamourising (spell check ed) malware/virus writing and script kiddie activities.
We should also praise initiatives...
Feast of Egos
2004-09-08
Anonymous (1 replies)
The ridiculousness of postings on security lists and commercial 'security sites' is directly comparable to the "DoS exploits" of IE and Firefox, where the announcement merely includes code which fills up your system memory with useless data. Arguably, if the system locks up you can say that th...
Most installs were easy, but the ones that weren't were doozies
2004-09-13
Anonymous
I was surprised, too. I did all my homework. Looked at the application compatibility list and made sure I was clean. What I wasn't expecting was SP2 to break a WIRELESS NETWORK DRIVER! Yup, D-Link wireless cards break when you install SP2. If you reconfigure it, it will work 'till the next rebo...
Feast of Egos
2004-09-08
Anonymous
What a great article. I have seen all of the problems in the press and from even some vendors. In fact one of our vendors has sent out a note saying "Don't install SP2 yet we don't know how it works with our applications yet." I know it works, been using it since Release Candidate 2.
I think that...
Feast of Egos
2004-09-08
Problem Updates (1 replies)
We will not run the service patch up for now. While the writer makes good points on the errors he describes, the fact remains, that the software we need to run in order to DO business, will not run under M$'s new patch. So we are basically holding our breath updating antivirus and firewalls daily hopi...
I Agree
2004-09-08
Lucas
Most of the complaints I've seen were technically incorrect or overblown as you have shown. It would also seem that the Microsoft bashers aren't hesitating to join the frenzy caused by opportunists. A good example is the other response to your article that joyingly uses M$ and references Bill Gate...
Feast of Egos
2004-09-09
Some Hacker (3 replies)
I have used SP2 on Windows XP Professional since it was added to "Windows Update".
This service pack has not had a negative impact on a single application I have used so far.
As for all of the broken applications: If you want your webserver to work, it is a good idea that you (just maybe) a...
Feast of Egos
2004-09-14
Anonymous (1 replies)
>> Anti-virus software is irrelevant, as in this day and age hackers are known to have compilers.
For the life of me, I can't work out the relevance of this comment. I am assuming you think that only recently virii (?) have started to be compiled and that anti-virus software can't deal with compi...
Feast of Egos
2004-09-14
Brutal Dictator
Agreed and Amen...
Trusting M$ to make competent decisions in reducing security exposures is like letting Michael Jackson run your kids' Day Care. If the OS was not fundamentally unsound (from a security point of view) I might feel more compelled to congratulate uSoft on a valiant effort... but i...
Feast of Egos
2004-09-14
Angus (1 replies)
> Anti-virus software is irrelevant, as in this day and age hackers are known to have compilers.
Using a compiler to modify code isn't as easy as you would think as most AV can still check this because they look at instruction fingerprints, i.e., common sections of code, as it is hard to obfus...
Feast of Egos
2004-09-19
AWKz
"Using a compiler to modify code isn't as easy as you would think..."
true. but using a compiler as a BASE for an obfuscator is a relatively simple task. working in between AST and code generation allows for a fairly robust and irritating compiler. turn off optimization, and create meaningless ...
Feast of Egos - working as administrator?
2004-09-14
Svilen
Haven't you ever thought that the greatest security hole in windows is the practice of working as an administrator (or user which is a member of the administrators group). And this is the default setting in every installation. And nobody ever urges people to work under a restricted user account. It'...
SP2 = MS-hyped Snake Oil
2004-09-14
Matthew Murphy
Tim,
You make a good point about the severity of the holes reported thus far. However, the default configurations of Windows Firewall that I have seen expose the "protected" systems to attacks in spite of the firewall being running.
Also, the LMZ Lockdown feature in IE is a joke -- as folder ...
Feast of Egos
2004-09-14
Anonymous
I can't agree more. In fact I wrote a nasty response to the ZDnet article the other day complaining about the exact same thing. It has become rather chic to bash Microsoft these days. Not to mention, it makes us all feel better when we tear someone else down. It makes us feel like we have a sen...
Feast of Egos
2004-09-17
Anonymous
SP2 is a step in the right direction. It isn't perfect and no software patch ever will be. The real issue is badly written software. And trust me.. I work for a company that integrates badly written software and it was a VERY frustrating 3 weeks to get that stuff to work on an SP2 box. But, we e...

I've been covering many of the same issues, though not as memorably, at my free newsletter for non-technical home and small business users (http://www.berylliumsphere.com/security_mentor).
It boils down to th...