Microsoft has proven one more time that even if you have a lot of money and a lot of talented programmers, it is impossible to improve security in an existing huge codebase like Windows...

Trustworthy Computing
This is a first: the Internet Storm Center is recommending trustworthy computing. They want you to trust the unofficial patch for the Windows Metafile Vulnerability that is currently being exploited by an IM worm. No patch from Microsoft at this time, and the exploit is arranged in such a manner that it cannot be detected by most intrusion detection systems (the snort rule will peg the CPU on your router) nor filtered by packet-inspecting firewalls (it spans two or more ethernet frames). Not really a whole lot of choice about this one.

Read more at http://isc.sans.org

Someone posted this (see below) on Slashdot; it explains clearly how you can get hacked...

It's probably a hard problem to patch. From what I've gathered, this is a feature of WMFs, not a bug. They were designed before people even knew what the Internet was. WMFs, apparently, have the ability to specify code to be run on a failure to render. So the bad guys give you a bad WMF file, cleverly renamed as JPG, and stick it in an ad banner. You browse a site (with any browser), Windows fails to render the WMF (which it will recognize even if the filename says JPG), runs the specified failure code, and you're hacked. That fast.

Changing code that's this deeply buried in Windows is risky. The interpreter for WMF is one of the remnants of code left over from single-user computers, and they'll have to test changes very thoroughly. They're GOING to break things with this patch, because they're removing a designed-in feature. They're probably working feverishly to figure out how to minimize the damage, but some damage is inevitable. And the problem could be far worse than it appears; that DLL could be riddled with problems. It may not have been audited in many years.

This is yet another example of how you can't retrofit security; the first Windows versions were designed when security wasn't even an issue, when the Internet was barely a twinkle in Al Gore's eye. There's a mountain of code that was written just to work, not to worry about being handed malicious data. If a user passed bad values to a system call and it crashed, oh well. It was their fault for doing it. It's not like they had anything to gain from it, after all. They owned the computer. Why on earth would the computer need to protect itself from its owner?

With the advent of the Net, Microsoft decided to both stay backward-compatible and extend what they had onto the Internet. And their focus for many years was on new features, not security. Essentially every security person at the time warned them -- stridently -- against the choices they were making. It was obviously going to be a trainwreck. This is just the latest in that ongoing collision between a single-user operating system and exposure to every computer in the world.

Even worse, it is so bad that some people have released an open source tool that makes this issue even harder to detect...
(News Here)
We released a new version of the metasploit framework module for the WMF flaw, this one uses some header padding tricks and gzip encoding to bypass all known IDS signatures. Consider this "irresponsible" if you like, but it clearly demonstrates that a run-of-the-mill signature-based IDS (or A/V) is not going to work for this flaw. If anyone has any questions about why we are releasing these types of modules so early after the disclosure, feel free to drop me an email.
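
The two quotes above make two points a defender can act on: Windows identifies a WMF by its content even when the file is named .jpg, and fixed byte signatures fail once the file is padded or gzip-encoded. As an added example (not code from this post or from any of the quoted authors), the Python below classifies a file by its decoded contents and walks the WMF record list for a META_ESCAPE record whose escape function is SETABORTPROC. The record constants are taken from the published WMF format rather than from this page, and all sample inputs are constructed.

```python
import struct
import zlib

PLACEABLE_KEY = 0x9AC6CDD7  # magic of the optional 22-byte placeable header
META_ESCAPE = 0x0626        # WMF record function (published format, not this page)
SETABORTPROC = 0x0009       # escape function that registers an abort callback
MAX_INFLATE = 1 << 20       # cap on decompressed bytes we are willing to inspect


def inspect(data: bytes) -> dict:
    """Classify bytes by content; the file name or extension is never used."""
    result = {"wmf": False, "abortproc": False}
    if data[:2] == b"\x1f\x8b":  # gzip wrapper: inspect the decoded payload
        try:
            data = zlib.decompressobj(31).decompress(data, MAX_INFLATE)
        except zlib.error:
            return result
    off = 22 if data[:4] == struct.pack("<I", PLACEABLE_KEY) else 0
    if len(data) < off + 18:
        return result
    kind, hdr, ver = struct.unpack_from("<HHH", data, off)
    if kind not in (1, 2) or hdr != 9 or ver not in (0x0100, 0x0300):
        return result
    result["wmf"] = True
    off += hdr * 2
    while off + 8 <= len(data):  # walk the records, no fixed offsets
        size_words, func, arg = struct.unpack_from("<IHH", data, off)
        if size_words < 3 or func == 0:  # malformed size or META_EOF
            break
        if func == META_ESCAPE and arg == SETABORTPROC:
            result["abortproc"] = True
            break
        off += size_words * 2
    return result


def sample_wmf(records: bytes) -> bytes:
    """Constructed input: 18-byte header + given records + META_EOF."""
    body = records + struct.pack("<IH", 3, 0)
    return struct.pack("<HHHIHIH", 1, 9, 0x0300, (18 + len(body)) // 2, 0, 3, 0) + body


# Constructed samples; the escape record carries no data (ByteCount 0).
PAD = struct.pack("<IHH", 4, 0x0102, 1)  # harmless filler record
BENIGN = sample_wmf(PAD)
FLAGGED = sample_wmf(PAD + struct.pack("<IHHH", 5, META_ESCAPE, SETABORTPROC, 0))
NOT_WMF = b"\xff\xd8\xff\xe0" + bytes(32)  # JPEG-style leading bytes

if __name__ == "__main__":
    print(inspect(BENIGN), inspect(FLAGGED), inspect(NOT_WMF))
```

Run it on content after transfer decoding (at a proxy or on disk); a file that reports `wmf` while carrying an image extension such as .jpg is worth quarantining on that mismatch alone.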

The original marketing information on Trustworthy Computing can be found here.

PS: SuSE 10.0 is not affected. I know, I know, it is easy to hit someone lying on the ground ;-)
