Linked by Thom Holwerda on Sat 31st Dec 2005 16:55 UTC
Windows Microsoft acknowledged late Wednesday the existence of a zero-day exploit for Windows Metafile images, and said it was looking into ways to better protect its customers. Even worse, by the end of the day nearly 50 variants of the exploit had already appeared. One security company said the possibilities were endless on how the flaw could be exploited. 'This vulnerability can be used to install any type of malicious code, not just Trojans and spyware, but also worms, bots or viruses that can cause irreparable damage to computers,' said Luis Corrons of Panda Software.
Permalink for comment 80826
To read all comments associated with this story, please click here.
RE[2]: Perfect example!
by makfu on Mon 2nd Jan 2006 08:50 UTC in reply to "RE: Perfect example!"
makfu
Member since:
2005-12-18


Since the notion of "users", "accounts" and "priveleges" was totally absent in the design of Windows circa 1995, and since modern versions of this OS are backwards compatible with that API - then necessarily the notion of "users", "accounts" and "priveleges" is a bolt-on afterthought.

You have absolutely NO idea what you are talking about. The DACL model used in NT has been there since day one (1993). Win32 originated on NT, not Windows 95 (it was bolted on to the DOS/VMM386 kernel, NOT the other way around). The rest of your post is just so much FUD.

You need to understand that there are people who have CONSIDERABLY more knowledge regarding systems internals than you do. If you want to have a critical discussion about Windows, that's fine. However, it would be wise in the future to actually KNOW what you are talking about before shooting your mouth off.

Oh, and yes, if I either remove the ACE or set an explicit deny entry on the ACL on ANY object referenced by the Security Reference Monitor you will not be able to access that object. Everything in NT is an object managed by the Object Manager executive subsystem and every object has a security descriptor with an ACL enforced by the Security Reference Monitor executive subsystem (obviously if you are using a legacy filesystem with no defined NT SDDL ACL, the object will be instantiated by the system with a blank ACL). If you wish to view the pervasiveness of this functionality use process explorer from www.sysinternals.com .

Reply Parent Score: 2