Jump to content
House Price Crash Forum

Archived

This topic is now archived and is closed to further replies.

interestrateripoff

It's Day Zero! Evil 'unicorn' Vuln Is In All Windows Since 1995: Patch It

Recommended Posts

http://www.theregister.co.uk/2014/11/12/driveby_unicorn_0day_beats_emet_affects_all_windows_versions/

Security expert Robert Freeman has identified an aged 18-year-old, critical remotely-exploitable vulnerability which affects ALL versions of Windows - all the way back to Windows 95.

The vulnerability (CVE-2014-6332) rated a critical score of 9.3 in all versions of Windows and was described as a rare "unicorn-like" bug in Internet Explorer-dependent code that opens avenues for man in the middle attacks.

The bug bypasses Redmond's lauded Enhanced Mitigation Experience Toolkit along with Enhanced Protected Mode sandbox in the flagship browser and was patched today some six months after it was reported, IBM's Freeman said.

"This complex vulnerability is a rare, 'unicorn-like' bug [that can be used by an attacker for drive-by attacks to reliably run code remotely and take over the user’s machine," Freeman said.

"In this case, the buggy code is at least 19 years old and has been remotely exploitable for the past 18 years

"In some respects, this vulnerability has been sitting in plain sight for a long time despite many other bugs being discovered and patched in the same Windows library (OleAut32)."

Back door for the security services? Or just incompetence?

Share this post


Link to post
Share on other sites

Never ascribe to incompetence that which can be explained by i

Never ascribe to incompetence malice that which can be explained by incompetence malice.

There, fixed it for you, I can't believe people still get it backwards. :blink:

Share this post


Link to post
Share on other sites

Something about that just doesn't ring true. 9x was built on different kernels I thought, and today's versions have 32 and 64 bit variants.

Would they all really just happen to be using 20 year old code?

Even MSpaint and Minesweeper got retweaked in Windows 7 FFS.

Share this post


Link to post
Share on other sites

Something about that just doesn't ring true. 9x was built on different kernels I thought, and today's versions have 32 and 64 bit variants.

Would they all really just happen to be using 20 year old code?

A quick Google search for OleAut32.dll implies it's part of Visual Basic 6, so it's presumably some clunky 32-bit DLL that's been around since at least Windows 95.

Since most Windows programs are still 32-bit, 64-bit Windows still comes with a vast number of 32-bit DLLs for backward compatibility. Many of them probably date back to Windows 95, and most of them probably have security holes.

Share this post


Link to post
Share on other sites

A quick Google search for OleAut32.dll implies it's part of Visual Basic 6, so it's presumably some clunky 32-bit DLL that's been around since at least Windows 95.

Since most Windows programs are still 32-bit, 64-bit Windows still comes with a vast number of 32-bit DLLs for backward compatibility. Many of them probably date back to Windows 95, and most of them probably have security holes.

If a device accesses the outside world, it will have security flaws.

It is inevitable.

Share this post


Link to post
Share on other sites

A quick Google search for OleAut32.dll implies it's part of Visual Basic 6, so it's presumably some clunky 32-bit DLL that's been around since at least Windows 95.

Since most Windows programs are still 32-bit, 64-bit Windows still comes with a vast number of 32-bit DLLs for backward compatibility. Many of them probably date back to Windows 95, and most of them probably have security holes.

Cheers!

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

  • The Prime Minister stated that there were three Brexit options available to the UK:   224 members have voted

    1. 1. Which of the Prime Minister's options would you choose?


      • Leave with the negotiated deal
      • Remain
      • Leave with no deal

    Please sign in or register to vote in this poll. View topic


×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.