RE: Source Code
- From: Dan <Dan@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 30 Aug 2008 03:26:01 -0700
Exactly, Anteaus. Thank you, Thank you, Thank you! Thus, the user can use
Mozilla Firefox instead while having Internet Explorer installed. Heck, I am
posting using Windows 98 Second Edition and have Mozilla Firefox 2.0.0.16
installed and it works great. You just add in SpywareBlaster and a few other
programs to your security and safety mix and customize your settings and
Windows 98 Second Edition runs like a champ. My only major issue was with
the memory which I downgraded from 2 gigabytes in my multi-boot and
multi-hard drive machine to 512 megabytes and using the memory management
settings it now works like a champ. The majority of problems I had with
Windows 98 Second Edition had to do with poorly written software drivers in
the past by 3rd party companies and that is what led to so many blue screens
of death. Please see secunia.com for confirmation of this:
http://msdn.microsoft.com/en-us/library/aa366525(VS.85).aspx (memory stuff)
http://www.aumha.org/win4/a/memmgmt.php
http://secunia.com/product/13/?task=advisories (for Windows 98 Second Edition)
{highest rated unpatched is less critical}
http://secunia.com/product/22/?task=advisories (for Windows XP Professional)
{highest rated unpatched is moderately critical}
http://secunia.com/product/13223/?task=advisories {for Windows Vista}
{highest rated is less critical but I find this one that targets XP Pro and
Vista disturbing}
http://secunia.com/advisories/29867/
Solution:
Microsoft recommends specifying a WPI (Worker Process Identity) for an
application pool (please see the Microsoft advisory for details).
Provided and/or discovered by:
Reported by the vendor.
Original Advisory:
Microsoft (KB951306):
http://www.microsoft.com/technet/security/advisory/951306.mspx
Now as you can see, we all have some work to do on fixing these bugs so you
can all continue to trash me as most of you have seen fit to do but since
this involves the world and computing, I suggest we get answers to these
problems and work on developing fixes so all our computers are not hacked too
easily by hackers.
"Anteaus" wrote:
.
The fundamental issue with the NT vulnerabilities is not strictly the fault
of Microsoft coders, but is with the preceding code on which NT was based,
which contained numerous unchecked buffers. It's a failing of the C language
with its lack of any checks on variable bounds, and which therefore requires
the coder to perform the near-impossible task of setting traps for every way
in which the program could be presented with oversize data. The majority of
NT exploits operate on the crude principle of over-filling a data buffer to
the point where the data over-writes an adjacent piece of machine-code in
memory. The next time this code runs, your Trojan gets launched. The failing
here is in the programming-language itself not providing any protection
against this kind of exploit.
It is also perfectly true that Windows 9x is a far more secure OS. In fact,
its main weakness is in having Internet Explorer built-in. Without that
attack-vector it is surprisingly hard to exploit.
"Dan" wrote:
Here is an article about how the NT source code was leaked and apparently
even DOS source code was leaked back in the day but no one cared because it
was so old. I now ask Microsoft how long will it be before Microsoft has new
operating systems with new source code. Wikipedia mentions Windows 7 will
use the Windows NT source code much to my dismay. How about the successor to
Windows 7 will people finally get an operating system with new source code
that will be a relief from the tired out code that has caused so many
security problems.
http://news.bbc.co.uk/1/hi/technology/3485545.stm
http://en.wikipedia.org/wiki/Windows_7
- References:
- Source Code
- From: Dan
- RE: Source Code
- From: Anteaus
- Source Code
- Prev by Date: Re: US-Cert Update on New Attacks on Computer Infrastructure
- Next by Date: Re: Is DNSSEC supported by Windows?
- Previous by thread: RE: Source Code
- Next by thread: Access is denied Error - Calling CIOMD.dll objects from ASP.NET1.1
- Index(es):
Relevant Pages
|
