"Vista Users Just got a lot more Hackable"

[Claymore]

Everyone (8/10) people are reverting. Its only really die hard gamers with nice spec machines and sales people with more talk than brains who use Vista. Most business`s downgrade their machines to XP.

I like Vista now. With 2 or 4GB or RAM, it's been totally stable and pretty quick.

With regard to businesses: moving to Vista is a massive undertaking. At a bank, for example, there are dozens of custom programs that the IT department may only be dimly away of. There are critical banking apps, for example, that don't work with IE7; they require IE6. There are upgrades for the server app, but those have to be tested out. It means that testing cycles can be really, really long.

 

[.Froot.]

A multi-billion rand bank such as Absa, Standard Bank, etc, would go bankrupt in two hours if they hastily decided to upgrade to a new system and it went wrong. Two hours is all it would take.

 

[ShockG]

I'm not one to know much about security in fact I know very little, but use common sense in trying to avoid trojans and the like. Where security is concerned I'm of average knowledge some may even say less than that.

However I see that a number of people here are far more knowledgeable than I am about computer security and I'd even say software in general. I learn things as I read, but I'm sometimes disturbed at what people write here and as off-topic as this may be, the statements made by those whom I refer to above as fairly knowledgeable in security matters are very inaccurate if not down right incorrect.

if M$ were wise they would release DX10 for XP.

Not Possible, or rather pointless as you would end up with a significantly slower DirectX9.0c at best 9.0c at best...

Yeah but you know they won't release DX10 for XP. They want to be able to force users to migrate to Vista.

That has nothing to do with anything. Take DirectX10 out the picture and you still end up with a better driver model in Vista than the one in XP. There's a reason why Quad Crossfire and to some degree Quad SLI only works in Vista even in DirectX9 applications (and yes Vista has DirectX9 it exists entirely separate form the DirectX10 renderer). The way XP handles graphics resources is very inefficient and old. It was appropriate for the time (2000/2001 time frame) but it is not in 2007 going forward. DX10 in XP is not possible, you can if you try hard enough with enough resources emulate DX10 in XP, but you end up with something significantly slower than DirectX9 let alone DX10. Kinda defeats the purpose of DirectX10 being increased rendering quality through efficiency and performance.
=========================================================
Back to security: If this vulnerability is unfixable then it should spell doom for Vista in the coming days... Makes buying security software pointless if the biggest hole is in the OS itself and it cannot be fixed.

 

[Ekhaatvensters]

Everyone (8/10) people are reverting. Its only really die hard gamers with nice spec machines and sales people with more talk than brains who use Vista. Most business`s downgrade their machines to XP.

http://marketshare.hitslink.com/report.aspx?qprid=11&qpcustom=Windows+Vista

Yet Vista grows its user base stably every month. And of course if 8/10 people revert then 70% of all PC users have bought and tried Vista, amazing. Where did you get that stat again?

I can see why most businesses don't want to pay for a full upgrade to Vista, and therefore why they'd downgrade a few new machines rather than upgrade all of them or run two operating systems on their network.

 

[Bismuth]

Oh noes, the sky is falling, all my data...... oh wait, I use Linux!

Funnily enough, our mail server and firewall is Linux, to protect all the Windows PCs from themselves, they say!

B

 

[leelo]

I use Linux (Redhat enterprise, FC, Suse – well, lots) and Windows Pc's (Nt4, 2000, XP, Vista). I've been reading all your posts and thought I had to comment, there is a Huge hole in Linux security, based on the Original Unix code from 1976 or somewhere there abouts and I haven’t heard of a fix yet. But…
The Firewall you load on top of your kernel will protect your kernel preventing access to the problem area, this is done right at the access-point like the network card.
Linux machines are less susceptible to hacking (hmm, don’t know that I can completely agree with that, I’ve had several Linux machines hacked recently – even a Checkpoint NG machine – ZOMG – though that was an corrupted firewall object that opened a hole)
Linux machines are mostly implemented well with good security and hackers these days are more interested in Windows machines due to the lack of secure implementation.
However a windows system, if you get a 3rd party firewall app, you can pretty much prevent access to these holes that are found, much the same as a linux machine, cut off the entry at the network card….

….. just some food for thought…

 

[Arthur]

It's only a week, but already the recent frenzy over "Vista security rendered useless" is turning out to be, er, grossly exaggerated to say the least. Here, inter alia, are comments by the main presenter, Alex Sotirov (he did most of the tech work for the Black Hat paper).

Black Hat's Alexander Sotirov: Vista security is not broken

At the Black Hat USA 2008 security conference, researchers Mark Dowd at IBM and Alexander Sotirov at VMware presented their paper entitled "How to Impress Girls with Browser Memory Protection Bypasses," in which the two discuss a number of attacks against Vista's various security features...

... Here at Ars, we did our own analysis of the report and concluded that the findings were definitely unfortunate, but they were not as terrible as many made them out to be.

more

Alarmed about Vista security? Black Hat researcher Alexander Sotirov speaks out

...SOTIROV: "I was horrified by the lack of understanding displayed by the tech press when they covered the paper Mark and I presented at BlackHat. You rightly point out that the sky is not falling and the flaws are not unfixable."

Did you get any reaction from Microsoft?

Microsoft had contacted us before Black Hat. We had some conference calls and sent them an early draft a few weeks ago. In fact, they put us in touch with the people who designed the [memory protection] defenses [in Windows Vista] and sent us a few minor corrections. It was a very positive experience working with Microsoft. Our research is helping them learn where they need to focus their resources and where they need to improve. We did not take any of the vendors by surprise. Also through Microsoft, both Adobe and Sun were notified about the paper. We haven’t spoken to them directly, but the Microsoft people have, I believe.

Is there any exploit code or proof of concept code available yet for the techniques you describe?

Well, we only gave the paper last week, so I doubt that anyone is using any of these techniques right now. What we presented is weaknesses in the protection mechanism. It still requires the attacker to have a vulnerability. Without the presence of a vulnerability these techniques don’t really [accomplish] anything. We used the ANI cursor vulnerability that had been patched. We chose this example because it worked on XP and Vista, but the example we used would not work [in the real world] because this issue was patched already.

Do you have any advice for Windows users today? Should they be alarmed?

As long as they follow standard security practices — use antivirus products and other typical things that are good standard policy — they shouldn’t have anything to worry about. Our research is to some extent academic. The articles that describe Vista security as “broken” or “done for,” with “unfixable vulnerabilities” are completely inaccurate. One of the suggestions I saw in many of the discussions was that people should just use Windows XP. In fact, in XP a lot of those protections we’re bypassing don’t even exist. XP is even less secure than Vista in this respect. [What we established is that the security advantage of Vista over XP is not as great as [previously] thought. Vista is still very good at preventing vulnerabilities.

more

Windows security rendered useless? Uh, not exactly

Oh dear. The Chicken Little contingent is out in full force. Break out your Kevlar helmets, everyone, because the sky is falling on Windows! At last week’s Black Hat conference in Las Vegas, researchers Alexander Sotirov and Mark Dowd presented a paper that outlined some new attack vectors they had discovered targeting some security features introduced in different versions of Windows XP and Windows Vista ...

Unfortunately, most people who read about Sotirov and Dowd’s work didn’t bother to read the technical paper. Instead, they relied on quick summaries, most notably the one provided by SearchSecurity, which was picked up by Slashdot and our own Adrian Kingsley-Hughes. Alas, those stories are wildly inaccurate and hopelessly sensationalized.

... If you read the authors’ actual words, not the sensationalist and wildly inaccurate news accounts, you get a completely different story. Here’s how the authors describe the talk they gave at Black Hat, for example: ...

more

Though it's early days, it's worth reading the Ars Technica post here just a day after the sensationalist claims.

Furthermore, these attacks are specifically on the buffer overflow protections; they do not circumvent the IE Protected Mode sandbox, nor Vista's (in)famous UAC restrictions. DEP, ASLR, and the other mitigation features in Vista are unlikely to ever be unbreakable, especially in an application like a web browser that can run both scripts and plugins of an attacker's choosing. Rather, their purpose is to make exploitation more difficult. Microsoft has a solution for those wanting to make it impossible—use .NET.

... Even with the attacks described in the paper, Vista has many worthwhile security improvements compared to XP. Internet Explorer on Vista runs in a highly restricted environment, so that even when it is running malicious code it cannot harm the system. Stories suggesting that Vista's security is now irredeemably broken are far off the mark; the truth is merely that some of its automatic security protection is less effective than it was before.