0

Windows is, according to just about any security expert you ask, the operating system most vulnerable to attack. Unless the security expert happens to be from Microsoft, that is. So it was quite refreshing to see Microsoft admitting to a spike in attacks on Windows this week.

According to a posting by Holly Stewart on the Microsoft Malware Protection Center Threat Research & Response Blog Windows XP and Windows 2003 are officially under attack. Russia has seen ten times as many attack attempts than the global average, and the UK has witnessed a "surge" in the words of Microsoft.

Referring to the vulnerability that was patched by a Microsoft critical update and described in Security Bulletin MS10-042 which can allow remote code execution through the Windows Help and Support Center, Stewart states "As of midnight on July 12 (GMT), over 25,000 distinct computers in over 100 countries/regions have reported this attack attempt at least one time". The spike in attack attempts over this last weekend was really quite dramatic, and comes after Microsoft announced the timetable for releasing the fix.

Stewart says "these attack attempts have continued to expand and some new attack patterns have come into play" adding that the attacks witnessed in the wild "work only on Windows XP" and not Windows 2003. Of course, that hasn't stopped people from trying to exploit the vulnerability on versions of Windows that are not susceptible to it. Indeed, Microsoft says it has noticed that the most recent attacks have been indiscriminate when it comes to OS version rather than targeting XP as with the earlier attempts.

Despite some reports suggesting that Apple is more insecure than Microsoft in terms of vulnerabilities the truth will always out, and it's nice to see Microsoft coming clean on this. What would also be nice, and we've said it here at DaniWeb on more than one occasion, would be if people simply stopped using Windows XP which is becoming something of a zombie amongst operating systems .

Interestingly, this is the same vulnerability that was made public by a Google security researcher less than four days after he discovered it. "Public disclosure of the details of this vulnerability and how to exploit it, without giving us time to resolve the issue for our potentially affected customers" Mike Reavey, Director of the Microsoft Security Response Center says "makes broad attacks more likely and puts customers at risk". Reavey, and Microsoft, insist that the software vendor is in the best position to understand and repair such problems as it is the vendor who wrote the code in the first place. Which is why Microsoft is an advocate of what it calls responsible disclosure.

Microsoft asks that any security researcher who thinks they have found a vulnerability that is not resolved by the " 10 Immutable Laws of Security " to contact them at [email]secure@microsoft.com[/email] with the following information:
Type of issue (buffer overflow, SQL injection, cross-site scripting, etc.)
Product and version that contains the bug
Service packs, security updates, or other updates for the product you have installed
Any special configuration required to reproduce the issue
Step-by-step instructions to reproduce the issue on a fresh install
Proof-of-concept or exploit code
Impact of the issue, including how an attacker could exploit the issue

Attachments windowsattack.jpg 36.97 KB

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

7
Contributors
7
Replies
52
Views
7 Years
Discussion Span
Last Post by DarkPikachu
0

I can't upgrade because it would mean an expensive replacement of all of my equipment and much of my real-time software.

I hate this upgrade frenzay because it usually requires people using real-time software (and sometimes hardware) to replace everything each time the operating system changes. Microsoft should be required to pay for it.

Edited by MidiMagic: add

0

I refuse to upgrade because of the RAT MS built in Vista (hackers can't confirm this one works), and up.
(one of my friends has a friend who disabled Win8's RAT using python)
^ I'm trying to get info on how he did it but my friend hasn't been able to contact him.

I've recently installed linux as I'm sick of NTFS killing my HDDs
(ever since installing Linux, my HDDs havn't overheated once) :)

and I also call the install-reboot process a design flaw that's gotten worse in 7.
(you don't always need to reboot every time it wants you to, even in XP)

if MS developers knew how to update the RAM with new registry settings, a restart could very much (about 70% of the time) be avoided.

0

Soon 7 will become a zombie and when left behind with no patches then the thousand rotten dirty hackers will othertake the operating systems

0

just thought I'd mention:

[12:56:46 AM] Diddy Kong: http://www.computerworld.com/article/2494493/mobile-wireless/hacker-finds-way-to-run-desktop-applications-on-windows-rt.html
[12:57:01 AM] Diddy Kong: ms gets their OS blasted by hackers again for locking shit to appstore fuckery
[12:57:27 AM] Diddy Kong: windows RT is the windows IOS edition sort of speak
[12:57:43 AM] Diddy Kong: where its like apple ipas and iphone devices and their restrictions and where software can come from
[12:57:56 AM] Diddy Kong: its an OS of windows designed for the ARM arcitecture
[12:59:22 AM] Diddy Kong: https://surfsec.wordpress.com/2013/01/06/circumventing-windows-rts-code-integrity-mechanism/

Soon 7 will become a zombie and when left behind with no patches then the thousand rotten dirty hackers will othertake the operating systems

thus completely compromizing any OS running the new kernel.

it's bad enough Windows7 already infects itself, unlike XP.

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.