[Dshield] Fwd From Politech: Humor: The Microsoft security bulletin they *should* publish

Jon R. Kibler Jon.Kibler at aset.com
Fri Aug 22 14:21:36 GMT 2003


Normally, I wouldn't even consider forwarding something to this list, but this is just too good to pass up!

Jon R. Kibler
A.S.E.T., Inc.
Charleston, SC  USA

Declan McCullagh wrote:
> 
> ---------- Forwarded message ----------
> Date: Thu, 21 Aug 2003 19:34:01 -0400
> From: Richard Forno <rforno at infowarrior.org>
> To: declan at well.com
> Subject: Some yukks for you - and Politech if you like
> 
> The Microsoft Security Bulletin they -=should=- issue, but won't.  :)  Was a
> long night, and I figured what better way to calm down than to write
> something humorous.
> 
> If you like it, feel free to pass to Politech. If not, trash it. Figured
> with the net problems these days, a little bit of reality-based humor might
> help....
> 
> -rick
> Infowarrior.org
> 
> -----------------------------------------------------------------
> 
> Title:   Ongoing Compromises of the Windows Operating Environment
> Date:   20 August 2003
> 
> Software:
> 
> - Microsoft Windows 3.1
> - Microsoft Windows 95
> - Microsoft Windows 98
> - Microsoft Windows NT 4.0
> - Microsoft Windows SE
> - Microsoft Windows ME
> - Microsoft Windows 2000
> - Microsoft Windows 2000 Server
> - Microsoft Windows XP
> - Microsoft Windows Server 2003
> 
> Impact:      Run code of the attacker's choice
> Max Risk:   Important
> Bulletin:     MS02-0401 (REVISED)
> 
> Microsoft encourages customers to review Security Information at:
> http://www.microsoft.com/security on a regular basis, and subscribe to
> CERT/CC bulletins at http://www.cert.org.
> -----------------------------------------------------------------
> 
> Issue:
> =====
> 
> Microsoft Windows is a collection of software components that enable users
> to experience the Internet. All components share a common series of
> interfaces that taken together comprise the Windows Operating Environment.
> 
> - By default, Internet Explorer is enabled on all systems running Microsoft
> Windows. (It should be noted that there are substantial issues with Internet
> Explorer reported; users should consult the Microsoft Security Resource
> Center to obtain the appropriate patches.)
> 
> - Insecure scripting languages such as VBScripting are used throughout the
> Microsoft Windows Operating Environment and included in many Microsoft
> applications such as Microsoft Office. Users have reported that it is
> difficult, if not impossible, to completely remove such scripting features
> even though they are proven to be regularly exploitable, thus making it
> likely they will be subject to repeated exploitation.
> 
> - Microsoft products often integrate with the operating system internals,
> meaning that by installing new software, particularly from Microsoft, the
> operating system may become modified and thus provide an opportunity to
> introduce new vulnerabilities or exploit trusted relationships within the
> Windows Operating Environment. As such, many applications are difficult to
> uninstall completely from a computer since they may be serving as patches to
> the underlying operating system.
> 
> - Improper software development has facilitated repeated security incidents
> resulting in the loss of customer information, e-mail addresses, system
> downtime, and customer productivity in environments based on the Microsoft
> Windows Operating Environment. User misconfiguration is also a factor.
> 
> - Microsoft products are often rushed to market without a thorough check of
> the software quality. Buffer overflows are one result of this issue, and
> after several years of high-profile incidents, continue to impact the
> technology community instead of being fixed once and for all. Microsoft
> notes that it frequently releases patches to existing patches and believes
> this is the best way for users to stay protected given Microsoft's current
> software development and business practices.
> 
> - Due to the frequency of patches and critical fixes being released to the
> user community, it's quite likely that many network administrators are
> hesitant to install such patches, since the cure may be worse than the
> original problem, or even create new ones, as evidenced by issues arising
> from several Windows Service Packs over the years.
> 
> -  Despite advances in marketing a concept of "Trustworthy Computing" it is
> unlikely that there will be any single solution to remedy the many issues
> associated with the security and stability of Microsoft products.
> 
> Microsoft prides itself on innovation and consistency in developing new and
> exciting software products. Over the years, customers have come to expect
> this as a hallmark of how Microsoft does business. The fact that each new
> security incident resulting from Microsoft products presents a higher degree
> of danger to the Internet community is one example of our ability to produce
> software products in a consistent manner with regard to quality assurance,
> reliability, and security. We reiterate our pledge to provide software
> products with a consistent level of quality to our customers worldwide.
> 
> Mitigating Factors:
> ====================
> 
> - For an attack against Microsoft Operating Environment to be successful,
> the user/victim must be running an exploitable version of Microsoft Windows.
> 
> - Microsoft Windows systems operating in closed network environments stand a
> somewhat higher chance of survivability when new security incidents
> regarding Microsoft products are reported than other, more exposed systems.
> Systems that are not connected to a network are most secure from such
> network-based exploits.
> 
> Risk Rating:
> ============
> 
> - Important
> 
> Patch Availability:
> ===================
> 
> - No patches are available to fix this vulnerability. However, there are
> three technical actions for users to take to increase their level of
> operating system and information security:
> 
> (1) Boot the affected computer from a floppy disk.
> 
> (2) At the command prompt, type "format c: /sys."  For more severely-damaged
> systems, run the FDISK command. (Visit http://fdisk.radified.com/ for
> information on this Microsoft-produced disk utility.)
> 
> (3) Once complete, decide on what non-Microsoft operating system you would
> like to use instead. Some suggested ones are Linux and Mac OSX. (Note that
> users will need new hardware to take full advantage of Mac OSX.) Users are
> strongly advised to avoid anything with the words "SCO" or "UnixWare" in it,
> as these words represent a company that's almost as greedy and evil as we
> are at Microsoft.
> 
> This Advisory supersedes Microsoft Security Bulletin MS02-0401 "Local User
> Actions May Provide Unauthorized Remote Access" dated 1 April 2002. This
> Bulletin may be found at http://www.infowarrior.org/articles/2002-04.html.
> 
> Acknowledgment:
> ===============
> 
> Microsoft thanks Richard Forno for reporting this issue to us and for
> working with us to help protect customers. Richard Forno
> (www.infowarrior.org) thanks the internet community for recognizing a
> belated (but quite truthful) April Fools' joke when they see it.  :)  He
> further thanks Microsoft for producing products that not only keep him and
> his friends employed as IT and security professionals but continue to pollute
> the Internet and adversely impact on people not even running Windows. Thanks
> a bunch, guys.
> 
> ----------------------------------------------------------------
> 
> THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS"
> WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER
> EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS
> FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS
> SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
> INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN
> IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE
> POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR
> LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE
> FOREGOING LIMITATION MAY NOT APPLY. MICROSOFT HAS NO KNOWLEDGE OF THIS APRIL
> FOOLS SATIRE AND HAS NOT ENDORSED IT, NOR DID THIS 'SECURITY BULLETIN'
> ORIGINATE FROM ANY MICROSOFT OFFICE. IT'S A SATIRE -- SO READ IT, LAUGH, AND
> HOPEFULLY LEARN FROM IT. :)  MICROSOFT IS A TRADEMARK OF MICROSOFT CORP.
> 
> -------------------------------------------------------------------------
> POLITECH -- Declan McCullagh's politics and technology mailing list
> You may redistribute this message freely if you include this notice.
> -------------------------------------------------------------------------
> To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
> This message is archived at http://www.politechbot.com/
> Declan McCullagh's photographs are at http://www.mccullagh.org/
> Like Politech? Make a donation here: http://www.politechbot.com/donate/
> -------------------------------------------------------------------------
> 



