Unpatched Windows Flaw Lets Attackers Backdoor Systems

derekullo

Distinguished
If someone gains write access to your registry aren't you already pwned?

Needing the user to install an infected program to then edit the registry just sounds like every other virus/trojan out there.

Am I missing something?
 

jimmysmitty

Champion
Moderator


A single bug does not a broken OS make. 10 is a good OS that runs fine. The bug affected a minimal amount of people and was not being actively pushed to unaware users, meaning these people all manually started the update. Microsoft pulled the update before major damage to a much larger populace happened and as well it probably would not have affected the vast majority since the vast majority do not know how or use redirected folders.



No, you are not missing anything. This requires quite a few things to be in play. Either they have physical access to the system and can crack or know the user's password or they have to have the user install a program that gives them administrator rights to the registry. In a typical business environment the user normally should not be an administrator. Even in a personal environment the user should be a power user with an admin account they have to allow installs to happen.

It actually sounds like a meh vulnerability. Microsoft should patch it but it is not something that I would worry about too much unless you have hackers walking around your office/house daily.
 

derekullo

Distinguished


This almost seems unpatchable in the sense that if someone steals the keys to your house the only ways to fix the issue are to steal the keys back or change locks.

The solution they are suggesting here feels like the thieves already have the keys to your house and their solution/patch is to install a lock on the wine cooler.

 

audiospecaccts

Upstanding
Oct 13, 2018


Well, to air the dirty Windows laundry:
There were 85 security vulnerabilities, of which 60 were "patched" in August 2018,
so there are still 20 of them.
Unfortunately, they are associated with Dot Net, VB C++ compiler and the XML language.

To make things worse, the security vulnerability with XML has been transferred to the hardware when anyone develops firmware and firmware drivers on the Windows platform.

I remember leaving a non-corporate meeting with some software engineers that work for various software companies, including Microsoft (which that guy turned pale during this discussion), and they spoke under their breath "we are doomed" about eight years ago.

A lot of the server farms have gotten rid of the IIS servers except: GoDaddy and Facebook because all were found to be hijacked by dark-web activity.

About 10 years ago I switched to Linux and I refuse to develop for the Microsoft platform. I also encourage others to explore it. It's a great operating system. Hardware seems to run faster too.

The US consumer should switch to Linux just for the simple fact it's a lot safer for internet. To even go a little bit further, people should do it regardless if they used a piece of software for years and have to abandon it because they will not develop on a safer platform.
 

Tinchote

Honorable
Jul 8, 2013
Microsoft is not "doing anything" because there is nothing to be done. This "exploit" depends on gaining system privileges; if you have system privileges you have full control of the system. There is no "vulnerability" to be patched.
 

audiospecaccts

Upstanding
Oct 13, 2018


Problem is that there can be more than one root account.

Personally, they need to "rethink" things. This account-networking scheme the average consumer wouldn't use, and quite frankly should not be ingrained into the OS, rather, it needs to be a module the customer installs at their discretion. On another level, there should be restrictions like making things read only, and denying remote servers access to the computer's storage, even when they go to a web site.
Speaking of which, I like the fact my Linux computer will not play certain streaming services because they connect an unknown server (to the user) to perform write services by direct disk access.

 
