Hyper-V guest escape, drive-by PDF pwnage, Office holes, SMB flaws – and more now patched After taking a month off, Microsoft's Patch Tuesday is back – and it's a blockbuster edition. There are 18 bundles of patches covering 140 separate security vulnerabilities. These flaws range from a hypervisor escape in Hyper-V, remote-code execution via PDF and Office files and malicious SMB traffic, to the usual barrage of …
make sure you install them ASAP before miscreants start exploiting them in the wild:
Nope.. I'll wait a week in case there's any booby traps in that mess. Meantime, I'll just keep my eyes and ears open to what others find. Hopefully it all works and there's no surprises. Meantime, I'll use the Linux box....
Given Windows 10 now includes Bash (Unix shell), with more and more Linux features / sub-sets of Linux distributions being attached to Windows sub systems, from likes of Ubuntu and Suse, not sure why you'd seem somewhat surprised that Linux gets mentioned on "Patch Tuesday'" postings.
Linux is today, a rock solid OS, and if you live in the browser like Firefox/Chrome, most people would be hard pressed to know/notice the underlying OS. I use multiple OSs, Windows 10, Windows 7, Linux Mint 18.1, and macOS Sierra/iOS and quite often of late, it's not until minimise the browser that I remember I started my work in Linux that morning.
The hardest thing is remembering where I saved a document, if I was in a rush, so you have to be fairly disciplined in that regard.
Put in a turing complete rendering tool and it opens up remote exploits. The Uniscribe one could be live in all versions of windows back to Win 98. Combined with with older versions of the OS loading the font cache in Ring 0, and there will be compete and total p0wnage.
The scary thing is just how much new equipment still gets shipped with WinCE.
That Internet Explorer is apparently Microsoft's most secure browser. I guess they must have thought "rewritten from scratch" means it will be more secure, when in fact you have to rewrite it from scratch with security in mind in everything you do. Apparently they missed that last part.
From reading the descriptions of most Windows related vulnerabilities, the developers would only have needed to type, size, bounds and sanity check inbound data. All incoming data, every time. This is hardly news, and is certainly less difficult than the time some suits at a former unnamed employer decided it would be a nifty idea to mix big and little endian app servers in a n-tier SAP environment. "Well, the marketing rep SAID it would work..."
s/Windows/software/
There isn't really any significant difference in the type of vulnerabilities that pop up in comparable (language, environment, etc) stuff written by the various major actors.
Though often they are not as easy to avoid or spot as you might think, even when the actual fixes are just an added check or two.
I use a setup where I have two machines - my main machine is Ubuntu and I remote desktop to my windows 7 machine for windows only stuff, so its semi-seamless between the two. I only use my browsers on the ubuntu side and try my best to not do any internet access from the windows side and avoid inserting strange USB sticks, etc, since my windows work involves a lot of USB debuggers and devices, so I can't just put glue in all the ports. Not that I assume Ubuntu is not vulnerable to anything but odds are much lower, if nothing else than from relative obscurity. I do periodic windows backups and git source control to a local linux server, to avoid ransomware.
Microsoft is still living in the C++ Wonderland, where the code is so hard to figure out that boss doesn't know what the programmers are doing. That's why programmers love C++. That's why remote execution bugs continue to abound. Simple, straight-forward, fully-tested, well-documented, and secure code? "Pah, that's for the ordinary folks, and we're far above the ordinary!" The old saying still holds, If houses were built like software is written, one woodpecker would destroy all civilization.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
