“Windows 7 when it ships next month will be vulnerable to an attack that hasn’t been possible since 1999, a new vulnerability found by a security researcher shows,” Electronista reports.
“Sending a deliberately malformed network negotiation request can force a Windows 7 system into a page fault that triggers a ‘blue screen of death’ error, even without the user’s help in launching the code,” Electronista reports. “The attack affects both 32-bit and 64-bit versions of the OS.”
Electronista reports, “The flaw stems from the rewritten network stack inherited from Vista, which itself has also been discovered as vulnerable to the attack.”
“The attack comes at a particularly inopportune time for Microsoft, as it has been trying to market Windows 7 as its most secure release and is in the rare circumstance of having to compete against another major operating system release, Mac OS X Snow Leopard,” Electronista reports.
Full article here.
MacDailyNews Take: The only sure things in life are death, taxes, and Microsoft’s ineptitude:
Direct link via YouTube here.
It’s probably not very snappy either.
I guess M$ felt they needed some pastel colored code from Winblows ME.
(By far the WORST Winblows version ever (which is like deciding whether it is worse to be kicked in the left nut or the right)).
@MacDave
No but you’d be surprised at how it crackles and pops!
Microsoft, Microsoft, Microsoft… it’s always the same story with you, isn’t it? Luckily, I just got my best friend to switch; he loves his new Mac. Next step? Get him to dump Windows.
” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
MW: sound, as in “Is that the sound of the MS FUD machine starting up again, to spread FUD about how Snow Leopard is so “unstable” and “insecure”?” Sounds like it to me.
Rename it WinFeces
So will it be Windows 7 SP 1 or Windows Vista SP3 SP1?
The circumstance of having to compete against another major operating system release is because Microsoft has so few releases.
Damnit. “is rare because…”
At least I don’t have to worry about those pesky Windows problems with my Mac OS X: Leopard, Service Pack Snow err, I mean, Snow Leopard.
Don’t you just love that picture? For the uninformed, this is the icon used in Mac OS X (I believe, since the Tiger) to represent SMB shares (i.e. Windows computers with shared folders). This was always a delightful little joke, especially if you are on a Mac in a heterogeneous Mac/Win environment. When you open up your ‘Network’ folder, you get to see all machines with accessible shared volumes. Macs are represented by icons showing the exact model, while Windows machines look like the picture above — an old CRT monitor with a Blue Screen of Death. Just priceless!
And now, in Snow Leopard, you can make these icons huge (to the point of being able to read that error message).
Cubert, that was the first time i’ve EVER guffawed out loud from reading a post.
Brilliant!
Oh, boy. A negative day exploit.
1. Box arrives.
2. Open box.
3. Install new operating system.
4. BSOD
5. Reinstall operating system.
6. BSOD
6. BSOD
6. BSOD
7. Reinstall operating system.
8. ….
9. ….
Ah, life with Windows.
@C
Windoodoo 7 ?
I’m guessing that any cloud-based service from Apple, will be more for syncing, than anything else, with the option to stream.
In other words, like Mobile Me is now, plus the new feature of streaming.
Apple isn’t the kind of company that is likely to screw something up that works well already.
Whoops. Wrong thread.
“The flaw stems from the rewritten network stack inherited from Vista, which itself has also been discovered as vulnerable to the attack.”
This is what happens when you refuse to use time-tested open-source networking code that’s freely available. Gotta love Microsoft’s continued stubbornness and refusal to give in to the undeniable advantages offered by true open-source licensing.
MW: time – only a matter of time before they have to swallow some serious pride on this front.
Something from 1999? Does it also have the Y2K bug?
To reduce bloat-age, I guess Microsoft went back to Windows 98 for the codebase of Windows 7 components.
“
“… Microsoft … has been trying to market Windows 7 as its most secure release …”
Geez, talk about “not raising the bar by much”.
Looks like MDN has finally a discovered a use for 512px icons. Looks good!
It’s all part of the plan to promote and eventually migrate users to Azure – Windows’ new Web OS platform. It’s important for Windows users to see the same BSOD so to provide consistent user experience no matter what future device or browser you plan to use Windows on.
You guys miss the point completely…..By being susceptible to old exploits Microsoft causes hackers to become complacent and lazy. Hence, keeping them from pushing their craft forward and finding the new and larger exploits available to them in the new Windoze.
just my $0.02
Windows 7 is a dog compared to Snow Leopard. I am currently running Windows 7 on my Mac Pro, and it is very very slow compared to Snow Leopard. Hack, it is slow compared to Panther.
So not only slow and buggy, but also vulnerable. Nice.
Snappier for Hackers!
Last school year, students in my district discovered how to go into XP’s “Run” menu and horse around a little and shut down other computers on the network. This will go over just as well as that did when we start using 7 next year. Hopefully Microsoft will have this hole plugged by then with… a service pack. Let’s see, that will be “Vista Service Pack, er Windows 7 Service pack x” by then. Yay.
As screwed up as M$ and all versions of Doze are, it still is an uphill fight for Apple. Yes, this is a big deal to us Apple fanboys, but as of now, there is no story on the websites of CNN, BBC, and USA Today, and several other sites I quickly looked at after I saw the story here.
“We” get a laugh out of this, but the rest of the world doesn’t care. Unfortunately Win 7 will be HUGE, in spite of one more gigantic CF.