OpenSUSE Linux Rants

OpenSUSE Linux Tips, tricks, how-tos, opinions, and news

My Resume  -  My LinkedIn Profile

September 21, 2006

Windows Security is a Myth (and here’s proof)

by @ 9:50 am. Filed under General Linux, My Opinion, War

All those rumors you heard about me getting abducted by a Mini Cooper full of four dozen circus clowns are simply not true.

School, though greatly edifying, is a resource hog (kind of like Windows).

Speaking of Windows, I haven’t gotten my punches in yet, this month. Well, I haven’t done much of anything this month with the blog, but I’ll tell you what, I’ve been super busy with 40 hrs/week at work and 16 credit hours at school. Night before last, I did 5 1/2 hours of homework, and now I’m all caught up. Go me.

Alrighty, I had better get to the point here before I get sidetracked yet again.

I was reading my daily RSS feeds when I came across this article called “IE Vulnerability Spreads To Email.” This article describes, in a nutshell, one of the major reasons that you’ll never see Windows on any of my machines. Here are a few of my favorite quotes:

“The VML exploit found earlier this week could prove to be a severe problem because it can take initiative without requiring any action on the part of the user. But so far Microsoft does not appear to be a big rush to fix the problem.”

Imagine that. Microsoft doesn’t care. I cannot install an operating system created by a company I don’t trust (and research has found that almost no one does).

“A security update is now being finalized, but at this point, Microsoft plans to release it as part of its October security updates on October 10, three weeks away. A Microsoft spokesperson confirmed late Wednesday when asked by that the fix would come next month, not sooner.”

“Microsoft has dragged its feet on exploits before. When the WMF virus was found in late December, Microsoft was initially slow to release a fix but eventually did so ahead of schedule due to customer pressure.”

So what do people do until then? Essentially, Microsoft is just saying that you’ll just have to run around with your pants down, with your wrists handcuffed to your ankles.

This is a perfect example of why Microsoft is only interested in revenue, and not the well-being of their customers. They don’t like to do anything that will cost them money (such as developing fixes for security holes in their software) unless it will cost them more money (lost revenue because they get a horrible reputation) not to.

“I expect over the next week there will be an exponential growth in the number of Web sites using this to push malware (define) on people,” he said. “It can be worse than the WMF virus because you couldn’t exploit WMF through email. All it takes is a couple guys with spam and the bad guys have a very efficient delivery system with these bots.”

Windows users are SCREWED.

“Originally, the virus was found on porn Web sites, but the iDefense team at VeriSign has found code that can be executed within an email client; all you have to do is use the preview function in an email client, you don’t even have to open the letter or click on a link, the most common means of infecting a computer.”

“According to Ken Dunham, director of the Rapid Response Team at iDefense, email is rendered in Outlook with Internet Explorer. That’s how it handles scripts and embedded code, like HTML. When you preview it, the hostile code can execute and hit the VML problem.”

Zero user interaction, huh? All you have to do is read your email? Better call everyone you know and tell them not to use their email for the next month (unless they’re on Linux or Mac). This type of vulnerability is the very definition of poorly-written software. This kind of exploit has absolutely no reason for existing. Please, if anyone knows of a vulnerability that is of this degree that is as easy to exploit as this one is that has been found in Linux, please leave me a comment and point me to the bulletin for it or something. This is a perfect example of when I say that Linux is more secure than Windows, that’s because it is.

“And Dunham said this code is spreading among underground virus sites quickly. ‘The exploit code is out there for people to copy, paste and start using. It’s trivial to leverage and reproduce. When it’s popularized and easy to do, it’s trouble,’ he said.”

“The VML exploit is a buffer overflow that allows for remote code execution, and in this case, it’s being used to download multi-stage, multi-chain attacks using a program called WebAttacker toolkit.”>

“Dunham said in one case, WebAttacker installed 73 files, including 15 executables, taking up 12 megabytes in size. It installed everything from proxies to dialers to keyloggers to spyware.”

“Sites also thinks this virus could be as nasty as WMF, if not worse. ‘Just looking at an email means you can be exploited. So things can escalate very quickly,’ he said.”

“The WebAttacker toolkit was created by the same hackers that found the VML exploit, said Sites, and now more than 1,000 use this kit.”

Windows users are SCREWED.

The article points to the Sunbelt blog for a way to fix it. Basically this entails removing the part of the operating system responsible for the security black hole.

Please encourage people to use Linux when possible. This kind of crap just doesn’t happen in Linux.

OpenSUSE Linux Rants
Official OpenSUSE Linux Site

internal links:


SUSE Resources

search blog:


September 2006
« Aug   Oct »

59 queries. 0.436 seconds