| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Homeland Security Warns That Windows Exploit Is Being Created | |
|
||
| Time: 05:54 EST/10:54 GMT | News Source: Yahoo News | Posted By: Alex Harris | ||
|
The U.S. Department of Homeland Security said Thursday that it believes exploits are being created to attack computers compromised by a vulnerability recently disclosed by Microsoft in its Windows operating system. The vulnerability, which is found in Windows 2000, Windows XP, Windows NT, and Windows Server 2003, first came to light July 16. The problem relates to the Remote Procedure Call protocol, which allows a computer to run code on a remote system. A malformed request sent over TCP/IP port 135 could result in a buffer overflow, and allow an attacker to install code of his choice, change or delete data, and create new accounts on the PC. Although Microsoft posted a patch on its TechNet Web site, the Department of Homeland Security's advisory is intended to get the word out that the vulnerability is both extremely serious, and that there's the potential for attack. "The Department is concerned that a properly written exploit could rapidly spread on the Internet as a worm or virus in a fashion similar to Code Red or Slammer," said the National Cyber Security Division, part of Homeland's Information Analysis, and Infrastructure Protection directorate, in a statement. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 206 Last | Next |
The time now is
9:58:45 PM
ET.
Any comment problems? E-mail us |
| #1 By 6859 (206.156.242.36) at 7/30/2003 8:53:12 AM |
| Firewall. NAT. Patch. It's the way of things. This really isn't any different than any other vulnerability that might exist. All one can do is the best you can do. |
| #2 By 116 (66.69.248.206) at 7/30/2003 11:05:32 AM |
|
Just patch the systems...
I got the patch through windows update before I got the security advisory. This would be a good advertisement for how auto-updates worked well. Peace, RA |
| #3 By 135 (209.180.28.6) at 7/30/2003 1:01:26 PM |
|
linuxhippie - DHS is now in the business of promoting fear.
Whether it be Windows, airport security or dirty bombs, it doesn't matter. Get your plastic sheets and duct tape and run for the basement! Don't forget to unplug your computer on the way down. |
| #4 By 20 (67.9.179.51) at 7/30/2003 1:11:03 PM |
|
Chinese hackers have been developing exploits for Windows for a long time. I remember reading an article (I'll try to find it, but it was a year or two ago) about how some of the hackers had loose ties with the Chinese government, etc.
As China becomes more and more a world economic power, I don't think its beneath them to look the other way as thousands of hackers attack our infrastructure and commercial systems to cause instability, and therefore doubt in our system which will cause drops in the stock market and recessions or worse (our system is based 100% on confidence and trust now. The dollar is worth as much as you think it's worth since the US government formed the Federal Reserve Trust which removed the gold/silver standard for currency). If that confidence/trust is shaken, so is the system. We saw this with 9/11. This threat is very real, because it only takes one or two high profile hacks at a major company like Merril Lynch or Prudential to cause lay persons to panic and the stock market to freak out. So what do you guys recommend? Windows 2000 and 2003 have far less vulnerabilities reported than Linux does, so technically Windows is far more secure, but the problem is, one vulnerability that takes MS 24 hours to fix leaves lots of boxes unprotected for 24 hours. Generally hackers aren't that responsive, but it only takes once. If we switch to Linux, will that problem be resolved? Hardly. Linux companies are generally even less responsive and there are far more exploits which just exaccerbates the problem. What about a hemogeny of systems? Same problem, now you've just compounded it. The answer is to have multiple layers of security and block as much incoming and outgoing traffic is possible so that if a remotely-exploitable vulnerability is found, odds are you have that port blocked on the firewall. Whatever is behind the firewall is largely irrelevant, but odds are you're safer with Windows and it involves less maintenance since there are far less exploits per year than with Linux. |
| #5 By 20 (67.9.179.51) at 7/30/2003 2:06:06 PM |
|
DHS is in the business of promoting secure thinking in all sectors of our country.
And thinking securely is to think about all the ways in which someone could attack you, so I guess yes, DHS is in the business of getting people to think about the ways in which terrorists could attack them. Is that a bad thing? What if we had a DHS on 9/10 and they said to look out for hijackers attacking commercial jetliners with small knives or cutting utilities. Would you say it's just fear mongering? It's obvious now that the terrorists are capable of much more than we gave them credit for. So is the thought of them smuggling a radiological device into a major metropolitan area and detonating it really all that far off? Sodablue said: Whether it be Windows, airport security or dirty bombs, it doesn't matter. Get your plastic sheets and duct tape and run for the basement! Don't forget to unplug your computer on the way down. Or crazy Saudis flying planes into building. Pshht... yeah, like that'll ever happen. You'd make a great high-ranking FBI official Soda. You can ignore all the warnings like they did before 9/11. If you asked me on 9/10 which I thought was more likely: A dirty bomb in Manhattan or terrorists flying planes into buildings, I would've said a dirty bomb. I mean, in 1996 the terrorists snuck a truck bomb into the WTC parking gargage. Is it that much more difficult to sneak some spent uranium purchased from N. Korea into that bomb? Of course, Clinton did nothing after the 1996 huge warning. On at least 2 occasions he had opportunities presented to him by Sudan to capture Osama Bin Laden, whom he knew was starting a new global terror system which was responsible for the WTC bombings, and twice he could not be contacted (once on the golf course -- instructed his SS agents to ignore it, and once locked in a back room -- probably with an intern). This is document in the book "Deriliction of Duty", written by the former Air Force Liason to the White House who was responsible for carrying the "football" and remaining within a few hundred feet of the President at all times. This post was edited by daz on Wednesday, July 30, 2003 at 14:12. |
| #6 By 135 (209.180.28.6) at 7/30/2003 7:33:32 PM |
|
LOL! Thanks for the chuckle daz!
Only one more month before the hammer falls. |
| #7 By 135 (208.186.90.91) at 7/30/2003 10:56:02 PM |
|
linuxhippie - It's only scarey for the cowards who promote fear. Can't say more, it may not happen, but if it does the hammer will drop around labor day.
|
| #8 By 135 (209.180.28.6) at 7/31/2003 12:03:08 PM |
| linuxhippie - The emperor has no clothes? |
|
Write Comment
Return to News |
Displaying 1 through 25 of 206 Last | Next |
The time now is
9:58:45 PM
ET.
Any comment problems? E-mail us |
