StratVantage News Summary

Speaking engagements

The TrendSpot

Internet News

Opinion

Publications



Directories

 

Enterprise Architecture Resources

 

Nanotechnology
Resources

 

P2P Companies

 

Wireless Resources

 

Job Seeking Resources

XML Standards

Security Information

Online Newsletters

B2B Ecommerce Resources

 

 

Marketing Information


Search StratVantage


Search the Web
Google



Be on the wave or under it™


Fake Microsoft Security Advisory

Title: Ongoing Compromises of the Windows Operating Environment

Date: 20 August 2003

Software:

  • Microsoft Windows 3.1
  • Microsoft Windows 95
  • Microsoft Windows 98
  • Microsoft Windows NT 4.0
  • Microsoft Windows SE
  • Microsoft Windows ME
  • Microsoft Windows 2000
  • Microsoft Windows 2000 Server
  • Microsoft Windows XP
  • Microsoft Windows Server 2003

Impact: Run code of the attacker's choice

Max Risk: Important

Bulletin: MS02-0401 (REVISED)

Microsoft encourages customers to review Security Information at: http://www.microsoft.com/security on a regular basis, and subscribe to CERT/CC bulletins at http://www.cert.org.

-----------------------------------------------------------------

Issue:
=====

Microsoft Windows is a collection of software components that enable users to experience the Internet. All components share a common series of interfaces that taken together comprise the Windows Operating Environment.

-         By default, Internet Explorer is enabled on all systems running Microsoft Windows. (It should be noted that there are substantial issues with Internet Explorer reported; users should consult the Microsoft Security Resource Center to obtain the appropriate patches.)

-         Insecure scripting languages such as VBScripting are used throughout the Microsoft Windows Operating Environment and included in many Microsoft applications such as Microsoft Office. Users have reported that it is difficult, if not impossible, to completely remove such scripting features even though they are proven to be regularly exploitable, thus making it likely they will be subject to repeated exploitation.

-         Microsoft products often integrate with the operating system internals, meaning that by installing new software, particularly from Microsoft, the operating system may become modified and thus provide an opportunity to introduce new vulnerabilities or exploit trusted relationships within the Windows Operating Environment. As such, many applications are difficult to uninstall completely from a computer since they may be serving as patches to the underlying operating system.

-         Improper software development has facilitated repeated security incidents resulting in the loss of customer information, e-mail addresses, system downtime, and customer productivity in environments based on the Microsoft Windows Operating Environment. User misconfiguration is also a factor.

-         Microsoft products are often rushed to market without a thorough check of the software quality. Buffer overflows are one result of this issue, and after several years of high-profile incidents, continue to impact the technology community instead of being fixed once and for all. Microsoft notes that it frequently releases patches to existing patches and believes this is the best way for users to stay protected given Microsoft's current software development and business practices.

-         Due to the frequency of patches and critical fixes being released to the user community, it's quite likely that many network administrators are hesitant to install such patches, since the cure may be worse than the original problem, or even create new ones, as evidenced by issues arising from several Windows Service Packs over the years.

-         Despite advances in marketing a concept of "Trustworthy Computing" it is unlikely that there will be any single solution to remedy the many issues associated with the security and stability of Microsoft products.

Microsoft prides itself on innovation and consistency in developing new and exciting software products. Over the years, customers have come to expect this as a hallmark of how Microsoft does business. The fact that each new security incident resulting from Microsoft products presents a higher degree of danger to the Internet community is one example of our ability to produce software products in a consistent manner with regard to quality assurance, reliability, and security. We reiterate our pledge to provide software products with a consistent level of quality to our customers worldwide.

Mitigating Factors:
====================

-         For an attack against Microsoft Operating Environment to be successful, the user/victim must be running an exploitable version of Microsoft Windows.

-         Microsoft Windows systems operating in closed network environments stand a somewhat higher chance of survivability when new security incidents regarding Microsoft products is reported than other, more exposed systems. Systems that are not connected to a network are most secure from such network-based exploits.

Risk Rating:
============

-         Important

Patch Availability:
===================

  - No patches are available to fix this vulnerability. However, there are three technical actions for users to take to increase their level of operating system and information security:

(1)   Boot the affected computer from a floppy disk.

(2)   At the command prompt, type "format c: /sys." For more severely-damaged systems, run the FDISK command. (Visit http://fdisk.radified.com/ for information on this Microsoft-produced disk utility.)

(3)   Once complete, decide on what non-Microsoft operating system you would like to use instead. Some suggested ones are Linux and Mac OSX. (Note that users will need new hardware to take full advantage of Mac OSX.) Users are strongly advised to avoid anything with the words "SCO" or "UnixWare" in it, as these words represent a company that's almost as greedy and evil as we are at Microsoft.

This Advisory supersedes Microsoft Security Bulletin MS02-0401 "Local User Actions May Provide Unauthorized Remote Access" dated 1 April 2002. This Bulletin may be found at http://www.infowarrior.org/articles/2002-04.html.

Acknowledgment:
===============

Microsoft thanks Richard Forno for reporting this issue to us and for working with us to help protect customers. Richard Forno (www.infowarrior.org) thanks the internet community for recognizing a belated (but quite truthful) April Fools' joke when they see it. :) He further thanks Microsoft for producing products that not only keep him and his friends employed as IT and security professonals but continue to pollute the Internet and adversely impact on people not even running Windows.

Thanks a bunch, guys.

----------------------------------------------------------------

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. MICROSOFT HAS NO KNOWLEDGE OF THIS APRIL FOOLS SATIRE AND HAS NOT ENDORSED IT, NOR DID THIS 'SECURITY BULLETIN' ORIGINATE FROM ANY MICROSOFT OFFICE. IT'S A SATIRE -- SO READ IT, LAUGH, AND HOPEFULLY LEARN FROM IT. :) MICROSOFT IS A TRADEMARK OF MICROSOFT CORP.


Return to Mike’s Take



Copyright © 2000-2008, StratVantage Consulting, LLC. All rights reserved.
Please send all comments to  .


Announcing Linked InSolutions, a New Social Media Consulting and Training Service from StratVantage

  • Each Power Workshop session is limited to 25 attendees to enable personal attention

Classroom rate: $125
Webinar rate: $65


House for Sale

$450,000

Looking to light up your office, your business, or your city?

The WiMAX Guys can help you easily provide secure wireless Internet to your customers.

The WiMAX Guys specialize in designing and running wireless networks. We're experienced, we're quick, and we won't cost you an arm and a leg. Give us a call today provide your users a wireless Internet experience tomorrow.

Call Mike Ellsworth
Head Guy
952-400-0185
www.TheWiMAXGuys.com




Alert SNS Reader Hall of Fame



About The Author


Announcing CTOMentor, a New Service from StratVantage




Can’t Get Enough of ME?

In the unlikely event that you want more of my opinions, I’ve started a Weblog. It’s the fashionable thing for pundits to do, and I’m doing it too. A Weblog is a datestamped collection of somewhat random thoughts and ideas assembled on a Web page. If you’d like to subject the world to your thoughts, as I do, you can create your own Weblog. You need to have a Web site that allows you FTP access, and the free software from www.blogger.com. This allows you to right click on a Web page and append your pithy thoughts to your Weblog.

I’ve dubbed my Weblog entries “Stratlets”, and they are available at www.stratvantage.com/stratlets/. Let me know what you think.

Also check out the TrendSpot for ranking of the latest emerging trends.


In Memoriam

Gerald M. Ellsworth

March 14, 1928 - July 5, 2003

In Memoriam

Jane C. Ellsworth

July 20, 1928 - July 20, 2003