Slashdot reports on a post to Bugtraq from SecurityTracker.com describing an Internet Explorer 5 exploit that has been released based on the Win2K code leak: “It is reported that a remote user can create a specially crafted bitmap file that, when loaded by IE, will trigger an integer overflow and execute arbitrary code.” Elsewhere, there is a quick, superficial look at the style and content of the leaked Windows 2000 source; it quotes from the comments but not the code, so it should be safe for developers to read.
Exploit based on Leaked Win2k Code; Funny Look at the Win Source
2004-02-16 Windows 23 Comments
This was sure to come…
This is the stuff that makes windows the most secure os
I am not kidding: on TechTV’s The Screen Savers, they said Bill actually said that. Pretty funny. Really, I wish MS could actually make a secure OS. Oh well, this helps Linux.
So, all that for Ballmer’s “Closed source = professional quality code” mantra..
At least on OSS if I make an ugly hack everyone will see it, there’s some kind of “reputation” at stake…
In the kuro5hin article, I was struck by the contrast between the Microsoft approach to buggy applications and the Linux one. The Microsoft way was to make lots of application-specific tweaks and patches to the OS so that the old code didn’t break when by rights it should have. The Linux way was to make page 0 unreadable and force the application authors to fix their code.
Of course, this is much more acceptable when the applications are free and thus easily upgraded. Microsoft’s approach is driven by and reflects commercial reality. But the free software method leads to better software in the long term (as well as not collapsing the kernel under a mass of hacks).
When someone told me, after looking at the Linux source code, that they shouldn’t have any abusive comments at all other than what documents the particular piece of code, I told him that such informal comments are part of the programming culture regardless of whether it’s open source or not. He refused to believe me.
Glad that it has been proved to be correct, along with Microsoft’s undocumented APIs.
I downloaded the source from the eDonkey network and have gotten a nice little mail from Microsoft about that through my ISP… Just a word of warning.
Care to tell us what the mail from Microsoft said?
One Microsoft Way
Redmond, WA 98052
Tel: (425) 703-5529
URGENT/IMMEDIATE ATTENTION REQUIRED
VIA ELECTRONIC MAIL
Re: NOTICE OF POTENTIAL UNLAWFUL DISTRIBUTION OF MICROSOFT SOURCE CODE AT: -.-.-.-
Date of Infringement: Detail below.
Dear CyberCity POPs in Denmark:
We have received information that one of your users as identified above by the SITE/URL -.-.-.- may have engaged in the unlawful distribution of Microsoft’s source code for Windows 2000, and/or Windows NT4, by distributing and offering for download these source code files via a peer-to-peer network.
Since you own this IP address, we request that you take appropriate action against the account holder under your Abuse Policy/Terms of Service Agreement.
We also kindly request that you forward this notice promptly to the user of the IP address listed above at the time and date stated.
To the user at -.-.-.-:
The unauthorized copying and distribution of Microsoft’s protected source code is a violation of both civil and criminal copyright and trade secret laws. If you have downloaded and are making the source code available for downloading by others, you are violating Microsoft’s rights, and could be subject to severe civil and criminal penalties.
Microsoft demands that you immediately (1) cease making Microsoft’s source code available or otherwise distributing it, (2) destroy any and all copies you may have in your possession, and (3) provide us any and all information about how you came into possession of this code.
Microsoft takes these issues very seriously, and will pursue legal action against individuals who take part in the proliferation of its source code. We look forward to your prompt cooperation. Should you need to contact me, I can be reached at the address above or at email@example.com.
Very truly yours,
off of bittorrent. Very fast(230kb/s)!
This source was on a Linux box of Mainsoft. People are calling MS hypocrites because the files were zipped with zubzip etc. But who is to say the files were not zipped or even modified by Mainsoft?
The guy states: Despite the above, the quality of the code is generally excellent. Modules are small, and procedures generally fit on a single screen.
Most of the stated hacks were in relation to backwards compatibility.
When using ED2K and BitTorrent you are not anonymous. You _have_ been warned! If you want anonymity, you better use i.e. Freenet, which as a result of its anonymity, encryption and security measures is way slower, plus initially requires more hard disk space, mainly because of parity checking. That said, I find it useful for plaintext information rather than bulk data.
I wouldn’t recommend downloading the source either. Fun is already possible because a small group of people are posting comments from the source. Now someone analysed the code too. Using (i.e. compiling) the code itself is illegal. Unless you’re a blackhat searching for a vulnerability in Windows 2000, why bother?
PS: or do you wish to compile your native Linux MSIE port?
Ahhh, Now we know why WINE doesn’t have 100% Windows compatibility.
They need to start referring to the WINE team as morons and swearing about GCC!
Haha, that truly typifies the Linux spirit. Especially the quality, I love how nice that penguin looks in the corner. I bet this was made with “The Gimp,” lol.
“Of course, this is much more acceptable when the applications are free and thus easily upgraded. Microsoft’s approach is driven by and reflects commercial reality. But the free software method leads to better software in the long term (as well as not collapsing the kernel under a mass of hacks).”
Cut Microsoft some slack! Microsoft pioneered a lot of what modern OSes are today. Coupled with the fact that they have done what I feel is an awesome job providing backward compatibility for at least 15 years’ worth of software, 10s if not 100s of thousands of applications.
Linux is very modern compared to Windows. I feel your analogy is not even remotely relevant.
“At least on OSS if I make an ugly hack everyone will see it, there’s some kind of “reputation” at stake…”
Exactly (but in reverse):
In OSS you *BUILD* your reputation with UGLY HACKS.
Cut Microsoft some slack! Microsoft pioneered a lot of what modern OSes are today.
In which way? To me Amiga, Apple and Be are pioneers. I fail to see how MS fits into that category. Not that there’s anything wrong in not being a pioneer. But I think you are giving MS too much credit. All they did and are doing is trying to create a workable solution for various companies. That is a tough job and they have been doing fairly well.
MS may be evil and so, and windows may be not the best operating system of all times.
You should admit that the kind of uniformity between Windows Distributions is something the Linux crowd will like to have. (I’m not talking about the bad uniform things!)
I wonder if anyone will take this apart and start reverse engineering it in order to create a windows module for Linux. Probably only a matter of time now…
If I understand correctly you mean “reverse engineering the leaked Windows source code”? That makes no sense…
I wonder, do they have hacks for Access2.0 in WindowsXP? Do they ever go through the source and check for the hacks that are no longer needed and remove them? Would be nice, but somehow I doubt it.
They are compatibility hacks. Windows is renowned for being backwards compatible. Why would you remove them?
For example, DOS compatibility was thrown out ages ago.