Sorry for the lack of
[Posted to Random Bytes on August 6, 2002 04:52 PM| Links to this post ]
Sorry for the lack of updates over the last few days...I was purposely out of range of my computer for three straight days. Anyways, nice to be back.... Slashdot is running an interesting essay entitled "Exploiting design flaws in the Win32 API for privilege escalation. Or...Shatter Attacks - How to break Windows." As the paper states, "The flaws presented in this paper are, at the time of writing, unfixable. The only reliable solution to these attacks requires functionality that is not present in Windows, as well as efforts on the part of every single Windows software vendor. This research was sparked by comments made by Microsoft VP Jim Allchin who stated, under oath, that there were flaws in Windows so great that they would threaten national security if the Windows source code were to be disclosed. He mentioned Message Queueing, and immediately regretted it. However, given the quantity of research currently taking place around the world after Mr Allchin's comments, it is about time the white hat ? community saw what is actually possible." Microsoft's response? "...if I understand things correctly, the attack you describe either requires the user to run an attacker's program on their system or the attacker needs to have access to the user's system. I would recommend that you contact the program's owner and let them know of your report. There may or may not be a vulnerability for them to address, but the program's owner should determine that." It makes me wonder whether or not there is any connection between the publication of this note and Microsoft's recent move to release their source and API's prior to the formal final settlement approval or if its just a coincidence. Presumably, issuing API and source documentation that refutes this protects the "integrity" of the product...if it's a coincidence and Chris is right, then the Windows world is in for a whole mess of trouble...
Post a comment