Thread: Windows Update flaw 'left PCs open' to MSBlast

  1. #1
    Ol' Timer Bunjiweb's Avatar

    Windows Update flaw 'left PCs open' to MSBlast

    From: http://news.zdnet.co.uk/0,39020330,39115732,00.htm

    Munir Kotadia
    ZDNet UK
    August 15, 2003, 14:40 BST


    A flaw in Windows Update caused some organisations - including the US Army - to wrongly believe they were protected from MSBlast, according to a researcher

    A flaw in Windows Update -- Microsoft's online tool that lets customers update their operating system with patches and fixes -- enabled the MSBlast worm to infect computers that appeared to have already been patched, according to a security expert.


    The flaw led to a US Army server, among others, falling victim to MSBlast, according to Russ Cooper, chief scientist at security company TruSecure.


    Windows Update works by adding an entry into the system registry every time it installs a patch. When users log on to the update tool, it scans their registry and offers them a list of patches that have not yet been installed. Cooper said that this mechanism was found to be flawed.


    "We found that people had got the registry key for the patch, but not the file," he said, explaining that the error could be triggered by a number of reasons -- from an incomplete installation to a lack of system resources.


    "If you go to Microsoft's site and say, 'tell me if I am up to date', and it says 'you are up to date', but you are not, what are you supposed to do?" he said.


    In order to fix the problem, Windows Update should be looking for the actual fix rather than just a registry entry, Cooper argued. This feature is already included in the tool, but is not "fully enabled", Cooper said.


    He recommends that users should run the Microsoft Baseline Security Analyzer (MBSA) as an alternative to Windows Update for checking to see if patches have been correctly installed. MBSA is also designed to look for security problems in the Windows registry and can be downloaded free from Microsoft's Web site.


    Microsoft did not respond to requests for comment on the Windows Update issue.


    Patching has been a thorn in Microsoft's side, with companies complaining that it takes far too long to implement patches because of the compatibility testing that is necessary before deploying them to thousands of servers and desktops. Additionally, the sheer volume of patches being generated by Microsoft means that companies are finding it difficult to keep up.


    Stuart Okin, chief security officer at Microsoft UK, admitted that Microsoft customers spend too much time fixing their systems: "Our customers don't necessarily have the programmes, processes and environments in place to deal with dynamic changes," he said. He admitted that companies have had problems deploying the patch to thousands of workstations or servers "within the space of four weeks" -- approximately the time between when the vulnerability was discovered and the worm was released.


    Last year, Microsoft launched its Trustworthy Computing Initiative, which included retraining its programmers to ensure their code was written with security in mind and involved an overhaul of its entire patching system.


    Okin said that within two years, Microsoft will have made significant changes to its Windows Update service. The company is planning on introducing a single update source -- probably called Microsoft Update -- which will be capable of updating all of the Microsoft products installed on a computer.


    --------------------------------------------------------------------

    You can download the Microsoft Baseline Security Analyzer from here

    http://www.microsoft.com/technet/tre...s/mbsahome.asp

    I ran it and it found one critical patch was missing and three which were mis-configured in some way. Windowsupdate.com found no problems!!

    Unfortunately it's not automated. After the scan you have to click 'result details' next to any problems shown in the report and then install each patch individually.


    Ben
    =========
    NOTHING TO BE SEE HERE, MOVE ALONG PLEASE....

    :: of all the things i've lost i miss my mind the most ::
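
Added example, not part of the original post or the quoted article: a sketch of the check Cooper argues for, where a patch counts as installed only if the fixed file is actually on disk, not merely because an install marker exists. The patch IDs, file paths, the set standing in for registry keys and the use of SHA-256 hashes to recognise the fixed file are all assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()

def audit(markers: set, manifest: dict, root: Path) -> dict:
    """Classify each patch by comparing its install marker with the files on disk.

    markers  - patch IDs the system claims are installed (stand-in for registry keys)
    manifest - patch ID -> {relative file path: expected SHA-256 of the fixed file}
    """
    report = {}
    for patch_id, files in manifest.items():
        bad = []
        for rel, expected in files.items():
            target = root / rel
            if not target.is_file():
                bad.append(f"{rel}: missing")
            elif sha256(target) != expected:
                bad.append(f"{rel}: not the fixed version")
        if not bad:
            status = "verified" if patch_id in markers else "files-present-no-marker"
        else:
            # The case from the article: marker written, fix never landed.
            status = "marker-only" if patch_id in markers else "not-installed"
        report[patch_id] = (status, bad)
    return report

def demo() -> dict:
    # Constructed sample: PATCH-A installed cleanly, PATCH-B wrote its marker
    # but the file copy never completed, PATCH-C was never attempted.
    fixed = b"fixed build"
    want = hashlib.sha256(fixed).hexdigest()
    manifest = {
        "PATCH-A": {"system/a.dll": want},
        "PATCH-B": {"system/b.dll": want},
        "PATCH-C": {"system/c.dll": want},
    }
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "system").mkdir()
        (root / "system/a.dll").write_bytes(fixed)
        (root / "system/b.dll").write_bytes(b"old vulnerable build")
        return audit({"PATCH-A", "PATCH-B"}, manifest, root)

if __name__ == "__main__":
    for patch, (status, problems) in demo().items():
        print(patch, status, problems)
```

A marker-only result is the state a registry-only scan reports as "up to date".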

  2. #2
    HEXUS.social member Agent's Avatar
    Just read this before I saw this post - very worrying!
    Quote Originally Posted by Saracen View Post
    And by trying to force me to like small pants, they've alienated me.

  3. #3
    Ive got 10/40w for blood... THCi's Avatar
    Again, shows that M$ think ahead (or for different possibilities (look for patch instead of reg entry)) and then don't utilize what they thought of.

    Things like this could bring the Computing industry to its knees!

  4. #4
    Senior Member joshwa's Avatar

    Thumbs up

    good post
    the ms thing you linked to is good

  5. #5
    One skin, two skin......

    Re: Windows Update flaw 'left PCs open' to MSBlast

    Originally posted by Bunjiweb
    Last year, Microsoft launched its Trustworthy Computing Initiative, which included retraining its programmers to ensure their code was written with security in mind and involved an overhaul of its entire patching system.
    So for all these years Microsoft haven't given a rubbishrubbishrubbishrubbish about our security and all Windows operating systems were just written willy nilly?

    FIGURES!

    BILL, you can go and shove your monopoly up your bloody arse!

  6. #6
    Sublime HEXUS.net
    It's been said before, and I'll say it again, the only thing Microsoft really care about is making their profits over everything else..

    Oh and I've read on some of the other sites where people who have worked for M$ in the past have posted, and the way Windows is programmed is a complete joke, there's very little planning involved and even less communication between the departments and even on the same teams...
    Last edited by Stoo; 19-08-2003 at 01:46 PM.
    (\__/)
    (='.'=)
    (")_(")

  7. #7
    F.A.S.T. Butuz's Avatar
    As do most companies.

    Butuz

  8. #8
    One skin, two skin......
    Originally posted by Butuz
    As do most companies.

    Butuz
    But most companies realise that when they get competition (as Microsoft inevitably one day will) people remember how you sold them rubbishrubbishrubbishrubbish and didn't support that rubbishrubbishrubbishrubbish properly. Customer care matters.

  9. #9
    Sublime HEXUS.net
    If a company is selling a product, then that product should be the main focus, making it profitable would be the second (and obviously important) focus.

    It seems to me that most places have forgotten why they are in business in the first place - To provide a service or product to people/other businesses.

    Companies that only care about profit at the expense of the product they are selling will eventually fail - if the company doesn't give a toss about the product, then why should the customers?
    (\__/)
    (='.'=)
    (")_(")

  10. #10
    F.A.S.T. Butuz's Avatar
    Customer care only matters if the customer is at risk of going somewhere else for business, in Microsoft's case Windows is the best O/s, their server o/s is the best (perhaps), their office package is the best, their web browser is the most dominant, their media player is the most widely used, their instant message program has been bundled with every pc for the last 2 years.

    Why should they care what you think? They don't need to, you're not going anywhere else, you're still moaning even though you're sitting in front of a MS box using IE in between working on some docs in Word 2000 (wild generalisation before you bite my head off and tell me you're using Opera or some such).

    Wake up to the real world, if there is no competition for a product the monopoliser is under no obligation to fully satisfy all its customers. That's where MS is at at the moment and that's how they're playing it.

    They may have to change at some stage, and actually listen to customer feedback about security, bugs, licensing. These are the things we hate about MS products but we still buy them in their millions.

    I get so bored of anti MS moaners. Just live with it, or install linux and suffer in silence. *shrug*

    (sorry for being a bit blunt, but better to be blunt than beat around the bush eh? )

    Butuz

  11. #11
    One skin, two skin......
    Originally posted by Butuz
    Customer care only matters if the customer is at risk of going somewhere else for business, in Microsoft's case Windows is the best O/s, their server o/s is the best (perhaps), their office package is the best, their web browser is the most dominant, their media player is the most widely used, their instant message program has been bundled with every pc for the last 2 years.

    Why should they care what you think? They don't need to, you're not going anywhere else, you're still moaning even though you're sitting in front of a MS box using IE in between working on some docs in Word 2000 (wild generalisation before you bite my head off and tell me you're using Opera or some such).

    Wake up to the real world, if there is no competition for a product the monopoliser is under no obligation to fully satisfy all its customers. That's where MS is at at the moment and that's how they're playing it.

    They may have to change at some stage, and actually listen to customer feedback about security, bugs, licensing. These are the things we hate about MS products but we still buy them in their millions.

    I get so bored of anti MS moaners. Just live with it, or install linux and suffer in silence. *shrug*

    (sorry for being a bit blunt, but better to be blunt than beat around the bush eh? )

    Butuz
    I'm not actually anti Microsoft really. It does annoy me that MS do what they do, but agreed they do it cos they can. I think most people would too......
