Everyone has different reasons for exposing Windows security flaws. Some do it to avenge an insult to a fellow security researcher, others to bring home the bacon. Unlike the Microsoft-Spurned Researcher Collective, which falls in the former category, Danish security firm Secunia's motivation is purely pecuniary.
“The vulnerability is caused due to a boundary error in the "UpdateFrameTitleForDocument()" function of the CFrameWnd class in mfc42.dll. This can be exploited to cause a stack-based buffer overflow by passing an overly long title string argument to the affected function,” Secunia said on its site.
According to group manager Jerry Bryant, “Microsoft is investigating new public claims of a possible vulnerability in Windows 2000 and Windows XP.” However, he is unaware of any attacks based on the vulnerability.
July 4 turned out to be a field day for hackers and chance cyber-saboteurs as they converged on the world's most popular video streaming site to wreak havoc using a cross-site scripting (XSS) vulnerability. They inserted malicious code in the comments section of many YouTube videos to trigger a series of anomalous events, including redirects to porn sites and nasty pop-ups, whenever a user visited a targeted video. Justin Bieber fans were probably the worst hit, with hackers and pranksters concertedly targeting the Canadian singer's videos.
But Google wasted little time in plugging the hole. "We took swift action to fix a cross-site scripting (XSS) vulnerability on youtube.com," a spokesperson for YouTube's parent company said. "Comments were temporarily hidden by default within an hour [of discovering the problem], and we released a complete fix for the issue in about two hours. We’re continuing to study the vulnerability to help prevent similar issues in the future."
A code flaw in Windows that has been around for 17 years raises some interesting questions. Are hackers not as diligent in ferreting out these vulnerabilities as we normally suspect? Or is it that there are so many weaknesses in Windows that hackers haven’t yet gotten around to exploiting this particular one? Doesn’t matter, really. Microsoft has come clean on a just-discovered flaw in 32-bit versions of Windows, and there’s a simple workaround that can provide protection until an official patch becomes available.
The problem lies in the Windows Virtual DOS Machine (VDM), which handles the task of running legacy 16-bit programs. It was discovered and first disclosed by Tavis Ormandy, the Google engineer who also discovered the flaw in Internet Explorer that was exploited in the recent cyber-attacks against Google. VDM became a part of Windows back in 1993, with the release of Windows NT, and has been a part of all 32-bit Windows versions since (including the 32-bit version of Windows 7).
According to Microsoft’s advisory: “An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.” In other words, it’s a flaw that, if exploited, hands over the keys to your PC kingdom.
Microsoft isn’t aware of any cyber-attacks that exploit the flaw. Instead, Microsoft says, “Upon completion of this investigation, [we] will take the appropriate action to help protect our customers.” That’s little comfort for the fretful among us, so Ormandy recommends a simple workaround: edit group policies to block 16-bit applications from running.
Yikes! Google, the online monolith of all things, well, online, has made it incredibly easy for spammers to find out your real name. That means instead of seeing "Dear Sir" at the beginning of male organ enlargement solicitations, pill peddlers and every other unsavory seller can more easily address you by name. Of course, if you're in the market for male miracle growth, then perhaps that's not such a bad thing.
In any event, a SecuriTeam blog outlines all the gritty details on how the exploit works, and to rub even more egg on Google's face, the blog chose to uncover the identity of admin at gmail dot com for its short tutorial. The bug works by entering a gmail address under the 'share this calendar' tab, adding them, and then saving. While the true identity isn't revealed at first, navigating back to the page is all it takes to see the person's real name. We haven't seen an exploit this stupidly simple since John Halderman discovered how to circumvent music CD copy protection just by holding down the shift key.
Oh, and feel free to drop Drew a line. Not only did he give permission to post his Gmail info, but he did it with the full expectation that he'll find true love from a reader of these news posts.
Dell has always bolted out with top honors for the most galling customer service experience. Although it claims to be working earnestly at improving customer service, there is plenty of evidence to the contrary.
It had committed the same blunder just a month ago and subsequently apologized. Dell has no choice but to offer replacements, which it is currently doing. But even mandatory replacements seem such a privilege with Dell’s customer-service credentials.