Maximum PC

All times are UTC - 8 hours




 Post subject: XP SP2 Security Flaw
PostPosted: Wed Aug 18, 2004 9:32 pm 
Bitchin' Fast 3D Z8000

Joined: Mon Jun 14, 2004 4:04 pm
Posts: 985
Location: Earth
Already? Wow.

http://www.heise.de/security/artikel/50051

Can't say that I'm not impressed, the flaw is such that explorer.exe doesn't check for the zoneID, so anybody can write a virus with an extension of say, .gif, and have cmd command execute it. Hence:

cmd /c evil.exe
can be wrapped as:
cmd /c evil.gif

so a virus writer can write a virus, tag it as, say, seebritneynakednow.jpg when it's actually an executable, some unwitting person downloads it, and opens it and a virus attacks their system.

What irks me is that isn't SP2 supposed to protect you from this? I mean, months of writing and the same old parlor trick is still exposed?


 Post subject: Re: XP SP2 Security Flaw
PostPosted: Thu Aug 19, 2004 7:14 am 
I'd rather be modding!

Joined: Fri Jun 25, 2004 3:47 pm
Posts: 3731
Location: Las Vegas
DJSPIN80 wrote:
Already? Wow.

http://www.heise.de/security/artikel/50051

Can't say that I'm not impressed, the flaw is such that explorer.exe doesn't check for the zoneID, so anybody can write a virus with an extension of say, .gif, and have cmd command execute it. Hence:

cmd /c evil.exe
can be wrapped as:
cmd /c evil.gif

so a virus writer can write a virus, tag it as, say, seebritneynakednow.jpg when it's actually an executable, some unwitting person downloads it, and opens it and a virus attacks their system.

What irks me is that isn't SP2 supposed to protect you from this? I mean, months of writing and the same old parlor trick is still exposed?


Part of the description is a bogus issue (if I read it right). Any OS is vulnerable if the user is willing to run a program from the command line.

Also, I want to try this - because last time I did - it didn't work. I got a warning. Of course all I did was rename a .exe to another extension - and it was months ago. Are you saying it's more complicated than that?

Did SP2 actually introduce this or simply fail to fix it?

I will read it a bit closer later.

Bottom line - don't open unknown attachments - I have been able to direct myself to a site (of choice) with a .eml attachment - so I don't even trust those.

Manta


 Post subject:
PostPosted: Thu Aug 19, 2004 8:34 am 
Northwood

Joined: Sun Jul 11, 2004 12:35 pm
Posts: 2039
Location: Houston, TX
i'd think it's a problem that's introduced. if i double-click on a .jpg file that is a renamed .exe file, i'd get an error from the associated picture viewer and the .exe is never executed.

edit: ok, i just tested this, and it only works in the command line. why the hell would anyone wanna use a command line to run an email attachment?


 Post subject: Re: XP SP2 Security Flaw
PostPosted: Thu Aug 19, 2004 11:06 am 
Bitchin' Fast 3D Z8000

Joined: Mon Jun 14, 2004 4:04 pm
Posts: 985
Location: Earth
MantaBase wrote:
DJSPIN80 wrote:
Already? Wow.

http://www.heise.de/security/artikel/50051

Can't say that I'm not impressed, the flaw is such that explorer.exe doesn't check for the zoneID, so anybody can write a virus with an extension of say, .gif, and have cmd command execute it. Hence:

cmd /c evil.exe
can be wrapped as:
cmd /c evil.gif

so a virus writer can write a virus, tag it as, say, seebritneynakednow.jpg when it's actually an executable, some unwitting person downloads it, and opens it and a virus attacks their system.

What irks me is that isn't SP2 supposed to protect you from this? I mean, months of writing and the same old parlor trick is still exposed?


Part of the description is a bogus issue (if I read it right). Any OS is vulnerable if the user is willing to run a program from the command line.

Also, I want to try this - because last time I did - it didn't work. I got a warning. Of course all I did was rename a .exe to another extension - and it was months ago. Are you saying it's more complicated than that?

Did SP2 actually introduce this or simply fail to fix it?

I will read it a bit closer later.

Bottom line - don't open unknown attachments - I have been able to direct myself to a site (of choice) with a .eml attachment - so I don't even trust those.

Manta


Failed to fix it actually. cmd ignores zoneID information, so a bad attachment with can set things on fire for a Windows box. I think the irony is that it should have been fixed with SP2, since this is a fairly common way of spreading viruses.


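Added example, not part of any post in this thread: a defensive triage sketch for the behaviour discussed above, where a file is run by what it contains rather than by its extension and cmd ignores the zone mark. It flags files whose leading bytes are a Windows executable but whose extension says otherwise, and reads the ZoneId from Zone.Identifier stream text; the function names, labels, extension list and sample bytes are constructed for illustration.

```python
import configparser
import os
import struct

EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif"}  # assumed list, extend as needed
INTERNET_ZONE = 3  # ZoneId 3 = Internet, 4 = Restricted sites


def parse_zone_id(stream_text):
    """Return ZoneId from Zone.Identifier stream text, or None if missing/invalid."""
    if not stream_text:
        return None
    parser = configparser.RawConfigParser()
    try:
        parser.read_string("\n".join(stream_text.splitlines()))
        return parser.getint("ZoneTransfer", "ZoneId")
    except (configparser.Error, ValueError):
        return None


def is_pe_image(head):
    """True if the bytes start with an MZ header whose e_lfanew points at 'PE'."""
    if len(head) < 0x40 or head[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", head, 0x3C)
    return head[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def triage(name, head, zone_stream):
    """Label a file from its name, leading bytes and Zone.Identifier text."""
    if not is_pe_image(head):
        return "ok"
    if os.path.splitext(name)[1].lower() in EXECUTABLE_EXTS:
        return "executable"  # extension matches content
    zone = parse_zone_id(zone_stream)
    if zone is not None and zone >= INTERNET_ZONE:
        return "disguised-from-internet"
    return "disguised"


# Constructed samples: a minimal MZ/PE header and a GIF header (not real files).
SAMPLE_PE = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00"
SAMPLE_GIF = b"GIF89a" + b"\x00" * 0x40
SAMPLE_ZONE = "[ZoneTransfer]\r\nZoneId=3\r\n"

if __name__ == "__main__":
    for name, head in [("evil.gif", SAMPLE_PE), ("photo.gif", SAMPLE_GIF)]:
        print(name, triage(name, head, SAMPLE_ZONE))
```

On an NTFS volume the stream text can be read by opening the path with `:Zone.Identifier` appended to the file name.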
 