Microsoft's "Out of Sync" critical update?

[Ambrocious]

Microsoft is known to deliver updates for it's supported operating systems once a month but recently on October 22nd, Microsoft released a so called "Out of Sync" update because it was discovered that there was an extremely huge gaping hole in the security that could of course...you guessed it: allow a remote connection to your computer without you ever doing a thing...period. This strikes me as unusual and for anyone wanting to know more about this, the link to the info can be found on Microsoft's Security Bulletin at this web address: http://www.microsoft.com/technet/security/...n/MS08-067.mspx

I sometimes think to myself just how many other huge holes like this are out there that Microsoft still don't know about...

[Donaldo]

I sometimes think to myself just how many other huge holes like this are out there that Microsoft still don't know about...

. . . . . . very ominous, Ambrocious.

[dMog]

I sometimes think to myself just how many other huge holes like this are out there that Microsoft still don't know about...

. . . . . . very ominous, Ambrocious.

if all the people who use windows switched to apples then apple would be the prey of choice of all the bad people out there and it would be a matter of hours before apple had to start worrying about security. Hackers have already shown they can hack into apples....

[KilJaden]

There is a reason why did Microsoft patched out of sync :

Trojan attacks Microsoft's emergency patch KB958644 vulnerability

A day after Microsoft released an emergency patch for a critical flaw that could allow self-replicating attacks, researchers have identified a nasty trojan that attempts to exploit the vulnerability.

Variants of the data-stealing trojan known by names including Gimmiv.A and Spy-Agent.da have morphed over the past few weeks to exploit a major weakness in virtually all versions of the Windows operating system. If successful, the exploit could transform the malware into a virulent worm that allows a single infected machine to contaminate any other vulnerable machine over a local network without requiring any interaction on the part of the end users.

At the moment, the part of the trojan that exploits the weakness in the Windows server service isn't especially reliable, researchers said. It generally succeeds only when code custom-built for a specific version and language of the OS encounters its intended target. But the limited success has prompted security experts to take seriously Microsoft's warning that the vulnerability is wormable.

"This could actually be one of the bigger monsters of the last couple years," Alex Eckelberry, president of security provider Sunbelt

Software, said of the flaw. "Researchers are going to be burning the midnight oil over the next couple days to understand what the real issues are."

According to this post from the ThreatExpert Blog, Gimmiv.A rifles through a victim's Windows machine for system information and passwords and then posts them to a remote server.

More recently, it has begun dropping a basesvc.dll file onto infected machines that searches through a local network for unpatched Windows machines. When it finds one it "then attempts to exploit other machines by sending them a malformed RPC request and relying on a vulnerable Server service," the post said.

Craig Schmugar, a threat researcher at McAfee Avert Labs, said there are enough defenses built into more recent Windows versions to contain the threat. Those include firewalls and features such as data execution protection that have been turned on by default ever since Microsoft rolled out Service Pack 2 of Windows XP. Still, he warns that people who have posted exploit code to the Milw0rm website have hinted they may have additional capabilities. (McAfee's Avert Labs, has also blogged about the trojan here.)

The trojan and Milw0rm release aren't the only pieces of code to exploit the weakness. Within a few hours of Microsoft's patch release on Thursday, Kostya Kortchinsky, a researcher at penetration testing firm Immunity, published code that successfully exploits the flaw on Windows 2000 machines. The exploit code, which is used by security professionals to identify vulnerable machines, only works against more recent Windows versions in very limited circumstances. That means it's not wormable, he

said.

Even so, there's reason to believe the trojan could be only the beginning. Jose Nazario, a researcher at security provider Arbor

Networks, said it has been in circulation for more than two weeks, giving the attackers an advantage on white hats, who only learned about the vulnerability on Thursday. What's more, the crude nature of Grimmev leads him to think the code portions that attack the vulnerability have been stolen from someplace else and "bolted" on to the trojan.

"If that's true, then there's someone using this as a 0day prior to this patch release and all of this attention," Nazario wrote here.

McAfee's Schmugar agrees, saying malware writers are likely taking baby steps toward their goal of perfecting code that reliably exploits the flaw on a widespread scale.

"Even if there are certain stumbling blocks that don't allow for ideal exploitations that the bad guys would want, they will likely keep

plugging away to try and refine those exploits, he said. "People should expect that [attacks] will evolve."

More info about the attack:

http://www.theregister.co.uk/2008/10/24/tr...microsoft_flaw/

http://blog.threatexpert.com/2008/10/gimmi...nerability.html

Info about the bug and patch:

http://www.theregister.co.uk/2008/10/23/em...windows_update/

http://www.crn.com/security/211600489

http://news.cnet.com/8301-1009_3-10074269-83.html

[Ambrocious]

Good God...I might just install Ubuntu afterall...

[irefay]

I sometimes think to myself just how many other huge holes like this are out there that Microsoft still don't know about...

. . . . . . very ominous, Ambrocious.

if all the people who use windows switched to apples then apple would be the prey of choice of all the bad people out there and it would be a matter of hours before apple had to start worrying about security. Hackers have already shown they can hack into apples....

Well, I got the new Apple macbook pro this week and I havent tested for securtiy yet but this thing is horrible. The hardware is well built but leoplard is dumb. It acts like an alpha release. I can make just about EVERY program stop working. Internet ONLY works with Safari (it wont even work with Apples own update program) The only time it does work good... is when I start up and use XP.

[Donaldo]

Well, I got the new Apple macbook pro this week and I havent tested for securtiy yet but this thing is horrible. The hardware is well built but leoplard is dumb. It acts like an alpha release. I can make just about EVERY program stop working. Internet ONLY works with Safari (it wont even work with Apples own update program) The only time it does work good... is when I start up and use XP.

Last month, one of my friends bought an Apple MacBook Pro. Within just a couple of days, he approached me to have Windows XP Pro installed in addition to his Mac OS X. In one month, my friend has never used his Mac OS X even once - it's been XP Pro all the way.

Apple is not as user friendly, hence hasn't gained in popularity - no wonder (as dMog points out) Apple has not been targeted to the extent that Microsoft has been. However, the laptops that Apple build are quite power packed.

[dMog]

Well, I got the new Apple macbook pro this week and I havent tested for securtiy yet but this thing is horrible. The hardware is well built but leoplard is dumb. It acts like an alpha release. I can make just about EVERY program stop working. Internet ONLY works with Safari (it wont even work with Apples own update program) The only time it does work good... is when I start up and use XP.

Last month, one of my friends bought an Apple MacBook Pro. Within just a couple of days, he approached me to have Windows XP Pro installed in addition to his Mac OS X. In one month, my friend has never used his Mac OS X even once - it's been XP Pro all the way.

Apple is not as user friendly, hence hasn't gained in popularity - no wonder (as dMog points out) Apple has not been targeted to the extent that Microsoft has been. However, the laptops that Apple build are quite power packed.

I am not saying apples are crap...in fact they are quite fantastic from what i have seen of them...but as others have said quite a few of the new buyers of macs ARE relying on windows XP PRO as their operating system of choice and mostly because they have muck more options for software to use.

[Donaldo]

I am not saying apples are crap...in fact they are quite fantastic from what i have seen of them...but as others have said quite a few of the new buyers of macs ARE relying on windows XP PRO as their operating system of choice and mostly because they have muck more options for software to use.

Undoubtedly, the Apple laptops are truly high-end in technical specifications - the Mac OS X (Operating System) sucks though, in more ways than one. I suspect irefay may use his Boot Camp to install Microsoft.