http://www.eeye.com/html/Research/Ad...D20040210.html
Shame it took MS 6 months to patch...
Printable View
http://www.eeye.com/html/Research/Ad...D20040210.html
Shame it took MS 6 months to patch...
I swear they employ someone to name these exploits/flaws in the most awkward way possible!
"Microsoft ASN.1 Library Length Overflow Heap Corruption"
Good lord :o
Didn't see that one coming :oQuote:
New critical Windows flaw discovered
if i had a penny for every time............ you know the rest!
This is the "still abit of a newbie" bit of me showing through here but,
Why does it take Microsoft so long to correct such flaws as this ??
Dave.
Windows is (this is a fact, not just cause I hate it) the most unreliable and unstable operating system on the market. Microsoft basically release too buggy software to the consumer without thinking, thats why they have these service packs and upgrades.
*pats linux*
Whereas Linux, being open source and having hundreds of contributors, tends to have deliberate back door code injected into the source code for the kernel ;)
Your signature picture is flawed, my IP address is not that, I am not with that service and I am not using that webbrowser either.
I didn't say Linux was excluded from problems, just windows is succumbed to them more.
Erm, if anyone did that everyone would be able to see it...Quote:
Originally Posted by Paul Adams
windows releasing stuff too early? never....!
... and in great windows style, the windows update site seems to be down due to the current MyDoom onslaught.. LOL
While the comment was slightly tongue-in-cheek, there have been 3 attempts to get such backdoor code into the Linux kernel fairly recently, and 1 was detected in the live kernel so a patch was issued.Quote:
Originally Posted by DaBeeeenster
For the other 2 attempts, the Linux developers are trying to work out how they bypassed the change control mechanism, as at least 1 was only picked up by mistake when looking at fixing something else.
So yes, you are right in that everyone should be able to see it, but it still doesn't stop it happening, and it could be argued it is more dangerous than a flaw as these are specifically designed holes with attempts to cover them up.
Windows is buggy, yes. But it's the best operating system available. I love it.
With the amount of features it has, I'm not in the slightest bit surprised it falls over now and again (which for me is hardly ever, mine's very stable). Linux is not a desktop operating system, it's designed for purposes, Windows does everything and it's fantastic.
Interesting. Do you have a URL on this? I wasn't aware that anything had made it into production code...I know that people have tried to hack the SSH code before, but not the kernel...Quote:
Originally Posted by Paul Adams
How? An exploit is an exploit.Quote:
So yes, you are right in that everyone should be able to see it, but it still doesn't stop it happening, and it could be argued it is more dangerous than a flaw as these are specifically designed holes with attempts to cover them up.
The bottom line is, Linux has a FAR better history of security than Linux. I mean, come on, it has taken MS SIX MONTHS to release a fix for this one...Open Source software is normally patched within hours (sometimes minutes) of the exploit being made publicly available. The same thing happened with the IE URL spoofer bug...That was public knowledge for weeks before a fix was made available. MS's temporary fix was to...get users to type URL's in by hand!!!
i know its WAY off topic.... but Paul Adams how does that pic work?
adn by the way windows is fun... just cause you can piss people using the fun little features like the shutdown remote computer command in the console, doesnt mean its a BAD thing..
The pic works by checking your IP address and Browser agent string when you request his sig. I guess there must be a database of ISP's assigned to different IP batches to work out who your ISP is. Pretty cool!