The title is no longer required.
What a time to be alive.
Microsoft has released its monthly security update, addressing a total of 51 CVE-listed security vulnerabilities. The June edition of Patch Tuesday includes 11 fixes for critical vulnerabilities in Windows, including Microsoft's solution for the recently-disclosed Spectre Variant 4 chip design flaw. Among the most serious …
Let's face it, most code is breakable when a sufficient number of people are sufficiently motivated to break it.
I'm sick and tired of hearing this strawman repeated over and over and over.
DNS is not hard to do (it's a database lookup done when it didn't occur to people that it's just a database lookup and they would have to finagle weird stuff like "zone files") and can be written in a secure manner unless one goes full hog on "muh features and cool, wild, unmanaged completely non-MISRA C because I'm so cool and sheeeeet!!" (isn't it, BIND?).
Then one could find some money behind a sofa to perform proper code analysis of its codebase. Where did Microsoft Secure Code Initiative go?
Then one could run the thing in a jail because one is the vendor of the whole package. After all, the "integration" and seamlessness of it all is always sold as a big plus.
Yeah, system engineering. We have heard of it while falling downstairs.
Nothing on Github has ever had to withstand that level of attack.
Maybe, but a Microsoft DNS is SUPPOSED to withstand that level of attack.
Ah no, wait. It's just USD 1000 per pop and then you are all by yourself.
I've got a NetGear device using an open source library which couldn't process the DHCP answer from my router - because the answer had additional - and perfectly legit - fields the library writers didn't take into account, and thereby allocated too little space for the answer... I had to change the DHCP server, because that vulnerability was never fixed.
@veti: "Nothing on Github has ever had to withstand that level of attack."
At least the source code and bug reports are fully disclosed. Let's hope Github can also spell:
"The DnsQueryEx function should be used if an application requires asynchronous querries queries to the DNS namespace." link
So Kabukiwookie where is your unbreakable code mate.....
Oh that's right Keyboard Warrior Ho....
Getting a bit fed up of this, not Microsoft's issue in the first place, that falls to the chip manufacturers.
But please continue with your nonsense.... or link to your git repo with the unbreakable fixes you have made
It’s also something that could be easily scripted. This means there’s a system-level bug in a listening service on critical infrastructure servers, which also means this is wormable.
This looks bloody enough, but what about http.sys ?
Thank Feynman nobody is silly enough to hook up a Windows Server with IIS to the internet, right ?
Remember, http.sys is a kernel mode device driver, and it can be owned by a malformed packet ???
If you really have to use Windows server, install a 3rdparty web server, there are many available ... running as a user with minimal privileges ... all software gets 0wned, but only Novell and Microsoft would attempt to validate 3rdparty packets in kernel space ... and Novell stopped doing that decades ago ...
Get this!!! The book Writing Solid Code (20th Anniversary 2nd Edition) written by a former Senior Level Microsoft developer has much to say about parameter checking and code validation. Clearly, the knowledge and ability to identify bad coding was there--two decades ago--at Microsoft (not to mention the rest of the industry). That's two decades of opportunity for code review. Yet, the rate at which such bugs are being found doesn't seem to be slowing down. Is it that hackers are getting better at finding these things? Probably. But, if the hackers are getting better at finding these things--without the source code (supposedly), then why can't Microsoft get better at finding these things when they have all the source code? Oh yeah; the money thing, and people have been conditioned to accept that patching is a normal and regular thing, especially for companies with monopoly-like (not wanting to get sued for libel) market control. Welcome to the Borg collective! Aaaaaaaaaaaaahhhhhhhh!!!!!!!!!!!!!!
And Howard and LeBlanc were working for Microsoft when they wrote Writing Secure Code. And they also wrote The N Deadly Sins of Software Security (for various values of N) with John Viega.
There are plenty of good software-security people who have worked, or still work, for Microsoft. Besides Maguire (Writing Solid Code), Howard, and LeBlanc, there's Mark Russinovich, Cormac Herley, and no doubt many others I'm not recalling at the moment.
And they have strong research groups in other security fields. In cryptography, for example, Microsoft has, or had, folks like Kristin Lauter, Josh Benaloh, Cynthia Dwork, Frank McSherry... In languages, there's Andrew Gordon. And so on.
But having even a large collection of great researchers and senior developers doesn't guarantee particularly secure products. When you have a large product line and large, complex products, software security requires pushing secure-development practices all the way down to the junior developers. It requires a development culture built around security. That's what Microsoft worked to develop after the Gates Memo, with their SDLC and other changes. It did make a substantial difference, but that kind of change is hard to sustain after you pick the low-hanging fruit. And that's why people are still finding exploitable bugs in legacy code bases.
As far as I can tell, senior management (SatNad and other executive-level types) decided the returns from the sustained security push were diminishing, so they pulled resources from it in favor of work that's more visible to the typical buyer - user-visible features and eye candy - and stuff they could sell through other channels, namely SaaS (Office 365 and the like).
why can't Microsoft get better at finding these things when they have all the source code?
Remember when some Windows 2000 source code got leaked ? It was a complete unintelligible clusterfuck. They cannot start from scratch as they need backward compatibility, whole parts of the OS have not been touched in decades. Windows XP apparently had 40 million lines of code without third-party drivers! I assume Windows 10 has an order of magnitude more. And, given the skill of Microsoft developers one can witness in the open source code MS releases, thinking about that rm /bin/sh idiocy, I doubt the code is any good ... it works, sort of ... but that is about it.
How hard can it be to design an update mechanism ? Why does Windows update take ages to find what needs updating, why does it install updates and ask you to reboot, then finishes updating on shutdown and AGAIN on startup, then reboots again ? We will never know because they are too ashamed of themselves to show us their code ...