|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Computer Security News The Latest Computer Security News |
 |
|
|
LinkBack | Thread Tools |
10-19-2009, 01:42 PM
|
#1 (permalink) |
|
Moderator/ Rangemaster TSF Academy; Analyst, Security Team; Oor Wullie; TSF Surgeon and Resident Comic
|
Microsoft admits developer error behind critical SMB 2 bug
Microsoft acknowledged that one of the critical network vulnerabilities it patched earlier in the week was due to a programming error on its part.
The flaw, one of 34 patched Tuesday in a massive security update, was in the code for SMB 2 (Server Message Block 2), a Microsoft-made network file- and print-sharing protocol that ships with Windows Vista, Windows 7 and Windows Server 2008. "Look at the two array references to ValidateRoutines[] near the end," said Michael Howard, principal security program manager in Microsoft's security engineering and communications group, referring to a code snippet he showed in a post to the Security Development Lifecycle (SDL) blog. "The array index to both is the wrong variable: pHeader->Command should be pWI->Command." Howard, who is probably best known for co-authoring Writing Secure Code, went on to say that the error was not only in new code, but a "bug of concern." The incorrect variable -- "pHeader" instead of "pWI" -- produced a vulnerability that Microsoft rated critical, its highest threat ranking. "An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," read the MS09-050 security bulletin released Tuesday. Attackers could trigger the bug by sending a rigged SMB packet to an unpatched PC. As he did in July when he admitted an extra "&" character in a Microsoft code library created a widespread vulnerability in most company software -- and software crafted by third-party developers such as Sun, Cisco and Adobe -- Howard argued that the SMB 2 mistake was virtually impossible to catch without a line-by-line review. "There is only one current SDL requirement or recommendation that could potentially find this, and that is fuzz testing," said Howard. "The only other method that could find this kind of bug is very slow and painstaking code review. This code was peer-reviewed prior to check-in into Windows Vista; but the bug was missed. Humans are fallible, after all." http://news.techworld.com/security/3...2-bug/?olo=rss
__________________
Iain - Defender of the Haggis and all things Scottish. I don't help by PM - post in the Forums.   PC Safety & Security::PC running a bit slow?::Donate::Photographers Corner |
|
     
|
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
| Thread Tools | |
|
|
