Shanaya's Place
Would you like to react to this message? Create an account in a few clicks or log in to continue.

Windows 7 Security Flaw Could Disable Computer

3 posters

Go down

Windows 7 Security Flaw Could Disable Computer Empty Windows 7 Security Flaw Could Disable Computer

Post by Larry November 12th 2009, 11:28 am

http://www.infopackets.com/news/business/microsoft/2009/20091112_windows_7_security_flaw_could_disable_computer.htm



Microsoft is examining claims that a bug in Windows 7 could allow a hacker to remotely disable a computer. The news comes just as the firm urges users of previous editions of Windows to give priority to one particular patch in this month's security update.

The Windows 7 bug, reported by a security researcher who's posted what he claims to be code for exploiting the bug, involves the Server Message Block. That's a section of Windows used in networks for features such as file and printer sharing.
Bug Allows "Infinite Loop" Attack

Laurent Gaffie says that the bug could make it possible for a hacker to force the Windows 7 kernel into an infinite loop. (The kernel is effectively the controller of Windows and determines exactly what a computer can do at any time.) That wouldn't allow the hacker to access a user's data or install any software. However, it would mean that the computer would be rendered useless until it was restarted. This would make the bug a particularly useful tool for anyone wanting to cause damage to a company or organisation by tying up its resources.

The bug is also said to affect Windows Server 2008 R2. Gaffie told Microsoft about the issue before releasing the information and the software company has confirmed it is investigating and will issue a patch if necessary. (Source: computerworld.com)
Separate Kernel Bug Requires Immediate Patch

Meanwhile, users of earlier editions of Windows have been told to take particular care to install a security update listed as MS09-065 in this month's update. It blocks another loophole which also involves the kernel. With Vista it would again only allow the hacker to tie up the kernel (a "denial of service" attack), but with XP it could give them the ability to control the kernel's activity in more detail. (Source: microsoft.com)

The bug involves the Embedded Open Type system, which is used by some websites to display a typeface which users might not have, but in a way that prevents them from copying it to use themselves. One use for this would be for a design company that wants to show off its typographical work.

To activate the bug, the hacker would have to entice the victim to visit a rogue webpage with an infected font embedded on it -- for example, via a link in a bogus email.
Larry
Larry
Moderator
Moderator


Back to top Go down

Windows 7 Security Flaw Could Disable Computer Empty Re: Windows 7 Security Flaw Could Disable Computer

Post by shanaya November 12th 2009, 10:45 pm

Good to know, Larry. Thanks!
shanaya
shanaya
Admin is da shiznit!
Admin is da shiznit!


Back to top Go down

Windows 7 Security Flaw Could Disable Computer Empty Re: Windows 7 Security Flaw Could Disable Computer

Post by Doreen November 13th 2009, 1:06 am

another reason people still want a Mac
Doreen
Doreen
Moderator
Moderator


Back to top Go down

Windows 7 Security Flaw Could Disable Computer Empty Re: Windows 7 Security Flaw Could Disable Computer

Post by Guest November 16th 2009, 7:50 pm

Thanks, Larry.

I like Windows 7 so far. But, like every previous Windows version, I'm sure we'll be downloading heaps of security updates for years..

Guest
Guest


Back to top Go down

Windows 7 Security Flaw Could Disable Computer Empty Re: Windows 7 Security Flaw Could Disable Computer

Post by Sponsored content


Sponsored content


Back to top Go down

Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum