
Re: Off topic: Computer security and Internet Explorer




<x-html><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<META content="MSHTML 5.00.2614.3401" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY>
<DIV><FONT size=2>Ian Glazier's&nbsp;WSH flash-mail:</FONT></DIV>
<DIV style="MARGIN-RIGHT: 0px"><FONT size=2>Subject: WSH v2 Beta 2 
Update</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT size=+0>*** WSH News Flash ***<BR><BR>Security fix for ActiveX 
controls marked 'Safe For Scripting' that shouldn't be.<BR><BR>Read about it 
here...<BR><A 
href="http://www.microsoft.com/Security/Bulletins/ms99-032.asp";>http://www.microsoft.com/Security/Bulletins/ms99-032.asp</A><BR><BR>Download 
it from here...<BR><A 
href="ftp://ftp.microsoft.com/peropsys/IE/IE-Public/Fixes/usa/Eyedog-fix/x86/q240308.exe";>ftp://ftp.microsoft.com/peropsys/IE/IE-Public/Fixes/usa/Eyedog-fix/x86/q240308.exe</A><BR><BR><EM>&lt;Check 
out this Mind article that mentions the microsoft.public.scripting.wsh newsgroup 
and<BR>quotes comments made by Peter (don't quote me) Torr!&gt;<BR></EM><A 
href="http://www.wired.com/news/news/technology/story/21524.html";>http://www.wired.com/news/news/technology/story/21524.html</A><BR><BR>Regards,<BR>Ian<BR>WSH 
FAQ http://wsh.glazier.co.nz<BR><BR><FONT 
size=2><STRONG>Just received Ian's update mail, 
and&nbsp;</STRONG></FONT></FONT><FONT size=2><STRONG>while we are at the 
subject, here below is this Mind-article's</STRONG></FONT></DIV>
<DIV><FONT size=2><STRONG>contents and also Peter Torr's message 
</STRONG></FONT><STRONG><FONT size=2>to the <A 
href="news:microsoft.public.scripting.wsh";>news:microsoft.public.scripting.wsh</A>&nbsp;</FONT></STRONG><STRONG><FONT 
size=2>newsgroup</FONT></STRONG><STRONG><FONT size=2>. </FONT></STRONG></DIV>
<DIV><BR><FONT size=2><STRONG>Regards,<BR>Ton Maas<BR><A 
href="mailto:ms-irb@xxxxxxxxxxxxxxxx";>ms-irb@xxxxxxxxxxxxxxxx</A><BR>Dismiss the 
".nospam" bit (including the dot) when replying and<BR>note the new address 
change. Also for my Homepage<BR><A 
href="http://home.planet.nl/~anthmaas";>http://home.planet.nl/~anthmaas</A></STRONG></FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face="Arial, Helvetica, sans-serif"><FONT 
face="Arial, Helvetica, sans-serif" 
size=2>========================================================</FONT></FONT></DIV>
<DIV><FONT size=2><FONT face="Arial, Helvetica, sans-serif" size=2><FONT 
face="Arial, Helvetica, sans-serif" size=3></FONT></FONT></FONT>&nbsp;</DIV>
<DIV><FONT size=2><FONT face="Arial, Helvetica, sans-serif" size=2><FONT 
face="Arial, Helvetica, sans-serif" size=3><B>Hits Keep On Coming Against 
MS</B><BR><FONT face="Verdana, Arial, Geneva, sans-serif" size=1><B>by <A 
href="mailto:declan@xxxxxxxxx";>Declan McCullagh</A> </B></FONT><BR><BR><FONT 
color=#ff0000 face="Verdana, Arial, Geneva, sans-serif" 
size=1>2:45&nbsp;p.m.&nbsp;&nbsp;31.Aug.99.PDT</FONT><BR><!-- START_OF_BODY --><FONT 
face="Verdana, Arial, Geneva, sans-serif" size=2>Some experts have long 
argued that MS Windows was inherently insecure, but now a Microsoft manager has 
confirmed it. </DIV>
<P>It all started in a technical discussion forum during last week's parade of 
security flaws in Windows products that were uncovered by outside experts. 
<P>
<HR noShade>

<DIV><FONT face="Verdana, Arial, Geneva, sans-serif" 
size=2><B><I>Also:</I></B></FONT> <BR><A 
href="http://www.wired.com/news/news/politics/story/21525.html";>Hotmail 
Scofflaw? No Worries</A> <BR><A 
href="http://www.wired.com/news/news/technology/story/21506.html";>Hotmail 
Fallout: A Mere Trickle</A> <BR><A 
href="http://www.wired.com/news/news/technology/story/21503.html";>Hotmail 
Hackers: 'We Did It'</A> <BR><A 
href="http://www.wired.com/news/news/business/story/21490.html";>Hotmail Accounts 
Exposed to All</A> <BR><A 
href="http://www.wired.com/news/news/politics/story/21498.html";>Want Security? 
Forget Web Mail</A> <BR><A 
href="http://www.wired.com/news/news/technology/story/21495.html";>Did MS Dig Its 
Hotmail Hole?</A> </A></DIV>
<HR noShade>

<P>
<P>Security experts identified some of the problems during presentations at the 
Usenix 
convention last week in Washington. 
<P>One, unearthed by Bulgarian bug expert <A 
href="http://www.wired.com/news/news/technology/story/14874.html";>Georgi 
Guninski</A>, lets hackers insert malicious programs into a victim's hard drive. 
Another, <A 
href="http://www.wired.com/news/news/technology/story/21459.html";>reported</A> 
by Wired News, lets an attacker take control of a PC by sending an email 
message. 
<P>On the Usenet discussion group microsoft.public.scripting.wsh, the reaction 
was fast and furious. 
<P>One participant complained that Microsoft's ActiveX scripting technology was 
so flaky that it was a time bomb waiting to explode. 
<P>"ActiveX in general, and ActiveX over the Web in particular, were never 
designed for anything at all, but are merely the final stages of a bomb which 
has been ticking in Microsoft's foundations," the poster wrote. 
<P>It should be noted, though, that the poster was comparing ActiveX to Java and 
Perl-5, which were designed specifically with safety in mind. 
<P>A few posts later, Peter Torr, MS Windows Script program manager, joined the 
fray. He defended MS Windows NT as an operating system that's "generally 
considered" less prone to break-ins than either Unix or Linux. 
<P>But what about Windows 95 or 98, used by millions of customers worldwide? 
<P>"If you're talking about Windows 9x, forget it," Torr <A 
href="http://x31.deja.com/getdoc.xp?AN=518053044&amp;search=thread&amp;CONTEXT=936124443.892207173&amp;HIT_CONTEXT=936124443.892207173&amp;HIT_NUM=1&amp;hitnum=4";>wrote</A>. 
"No one ever (seriously) claimed that it was secure." 
<P>But Windows fans shouldn't rush en masse to defenestrate those buggy PCs -- 
yet. 
<P>On Tuesday, Microsoft <A 
href="http://www.microsoft.com/security/bulletins/MS99-032.asp";>released a 
patch</A> that it said repaired "security vulnerabilities" in two ActiveX 
programs included with Windows. Anyone who knows enough about the technology can 
use those glitches to seize control of a PC through email or a Web page. 
<P>Microsoft could not be immediately reached for comment. <BR><BR><FONT 
face="Verdana, Arial, Geneva, sans-serif" size=2><B><I>Related Wired 
Links:</I></B></FONT><BR><IMG height=10 
src="http://static.wired.com/news/images/pix155.gif"; width=155><BR><FONT 
face="Arial, Helvetica, sans-serif" size=2><B><A 
href="http://www.wired.com/news/news/technology/story/21459.html";>'A Flaw Worse 
Than Melissa'</A></B></FONT><BR><FONT color=#ff0000 
face="Verdana, Arial, &#10;Geneva, &#10;sans-serif" 
size=1>26.Aug.99</FONT><BR><BR><FONT face="Arial, Helvetica, sans-serif" 
size=2><B><A 
href="http://www.wired.com/news/news/business/story/18617.html";>Hotel 
Hotmail</A></B></FONT><BR><FONT color=#ff0000 
face="Verdana, Arial, &#10;Geneva, &#10;sans-serif" 
size=1>22.Mar.99</FONT><BR><BR><FONT face="Arial, Helvetica, sans-serif" 
size=2><B><A 
href="http://www.wired.com/news/news/technology/story/15112.html";>Hotmail Bug, 
Still an Open Book?</A></B></FONT><BR><FONT color=#ff0000 
face="Verdana, Arial, &#10;Geneva, &#10;sans-serif" 
size=1>21.Sep.98</FONT><BR><BR><FONT face="Arial, Helvetica, sans-serif" 
size=2><B><A 
href="http://www.wired.com/news/news/technology/story/14751.html";>Another 
Freemail Security Flaw</A></B></FONT><BR><FONT color=#ff0000 
face="Verdana, Arial, Geneva, &#10;sans-serif" 
size=1>31.Aug.98</FONT><BR><BR><FONT face="Arial, Helvetica, sans-serif" 
size=2><B><A 
href="http://www.wired.com/news/news/technology/story/14701.html";>Microsoft 
Rights Hotmail</A></B></FONT><BR><FONT color=#ff0000 
face="Verdana, Arial, Geneva, &#10;sans-serif" 
size=1>27.Aug.98</FONT><BR><BR><FONT face="Arial, Helvetica, sans-serif" 
size=2><B><A 
href="http://www.wired.com/news/news/technology/story/14617.html";>Hotmail Open 
to Script Attacks</A></B></FONT><BR><FONT color=#ff0000 
face="Verdana, Arial, Geneva, &#10;sans-serif" 
size=1>24.Aug.98</FONT><BR><BR></FONT><!-- END_OF_BODY --></B>
<P><FONT face="Verdana, Arial, Geneva" size=1><A 
href="http://www.wired.com/home/copyright.html"; target=_top>Copyright</A> © 
1994-99 Wired Digital Inc. All rights reserved.</FONT></P>
<!-- TRACKING --></FONT></FONT></FONT><FONT
face="Arial, Helvetica, sans-serif" size=2></FONT>
<DIV><FONT 
size=2>========//////////////////////================//////////////////////=========</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT size=2>
<TABLE border=0 cellPadding=0 cellSpacing=2 width="100%">
  <TBODY>
  <TR>
    <TD align=left vAlign=top><FONT face=geneva,arial size=1><FONT 
      color=#999999><B>&gt;&gt;</B> Community</FONT> </FONT></TD></TR>
  <TR>
    <TD align=left vAlign=top><FONT face=geneva,arial size=1>&nbsp;&nbsp; 
      <FONT color=#ff6600><B>&gt;&gt;</B></FONT> <A 
      href="http://www.deja.com/topics_if.xp?search=topic&amp;group=microsoft.public.scripting.wsh&amp;GRPP=936124443.892207173&amp;title=Related&amp;query=";>Forum</A>: 
      <B>microsoft.public.scripting.wsh</B> </FONT><BR></TD></TR>
  <TR>
    <TD align=left vAlign=top><FONT face=geneva,arial 
      size=1>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <FONT 
      color=#ff6600><B>&gt;&gt;</B></FONT> <A 
      href="http://x31.deja.com/viewthread.xp?AN=518053044&amp;search=thread&amp;svcclass=dncurrent&amp;ST=PS&amp;CONTEXT=936124443.892207173&amp;HIT_CONTEXT=936124443.892207173&amp;HIT_NUM=1&amp;REDO=1&amp;recnum=%3cO8CIUjP8%23GA.227@xxxxxxxxxxx%3e%231/1&amp;group=microsoft.public.scripting.wsh&amp;frpage=getdoc.xp&amp;back=clarinet";>Thread</A>: 
      <B>Using Web and ActiveX to Destroy a System </B></FONT></TD></TR>
  <TR>
    <TD align=left bgColor=#000000 vAlign=top><FONT face=geneva,arial 
      size=1>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<FONT color=#ff6600 
      size=2><B>&gt;&gt;</B></FONT> <FONT color=#ffffff size=3><B>Message 5 of 
      21</B></FONT></FONT></TD></TR>
  <TR>
    <TD><FONT size=1>&nbsp;</FONT></TD></TR></TBODY></TABLE>
<TABLE border=0 cellPadding=0 cellSpacing=2 width="100%">
  <TBODY>
  <TR vAlign=top>
    <TD><FONT face=geneva,arial size=2>Subject:</FONT></TD>
    <TD><FONT color=#ff6600 face=geneva,arial size=2><B>Re: Using Web and 
      ActiveX to Destroy a System </B></FONT></TD></TR>
  <TR vAlign=top>
    <TD><FONT face=geneva,arial size=2>Date:</FONT></TD>
    <TD><FONT face=geneva,arial size=2>1999/08/27</FONT></TD></TR>
  <TR vAlign=top>
    <TD><FONT face=geneva,arial size=2>Author:</FONT></TD>
    <TD><FONT face=geneva,arial size=2><B>Peter Torr \(MS\)</B> &lt;<A 
      href="mailto:ptorr@xxxxxxxxxxxxx";>ptorr@xxxxxxxxxxxxx</A>&gt;</FONT></TD></TR>
  </TBODY></TABLE>
<TABLE border=0 cellPadding=5 cellSpacing=2 width="100%">
  <TBODY>
  <TR>
    <TD bgColor=#eeeeee><FONT face=geneva,arial size=2></FONT>
      <P><FONT face=geneva,arial size=2>Westerner &lt;<A 
      href="http://www.deja.com/profile.xp?author=Westerner@xxxxx&amp;ST=QS";>Westerner@xxxxx</A>&gt; 
      wrote in message<BR><FONT color=#666600>news:<A 
      href="http://www.deja.com/profile.xp?author=MPG.122ce68f8421917f989723@xxxxxxxxxxxx&amp;ST=QS";>MPG.122ce68f8421917f989723@xxxxxxxxxxxx</A>...<BR>&gt; 
      That problem, I believe, is not a question of a given human error in 
      the<BR>&gt; manual marking of a given component as safe or unsafe. It is a 
      question<BR>&gt; of immediately and automatically marking every component, 
      by every<BR>&gt; vendor, as unsafe, until it can be proven safe, by 
      rigorous computer-<BR>&gt; science and software-engineering 
      methods.<BR></FONT>&nbsp;<BR>I don't quite understand this paragraph. 
      Given IE's default settings, everything *is* considered unsafe, and you 
      are asked if you want to accept a control. If you click on the checkbox 
      that says "always accept code from X" then you are moving all 
      responsibility onto the control manufacturers, and being human, they 
      sometimes make mistakes. Then again, sometimes they do it deliberately (as 
      *appears* to have happened with the Compaq and HP 
      controls).<BR>&nbsp;<BR><FONT color=#666600>&gt; From Day One till now, 
      Microsoft has always ignored the lessons of<BR>&gt; serious OS and 
      language design, with regard to such concepts as process-<BR>&gt; level 
      and object-level operation masks -- lessons which go back before<BR>&gt; 
      Unix, before VMS, all the way back to the System 360, the Burroughs 
      5500,<BR>&gt; and the Jovial language.<BR></FONT>&nbsp;<BR>Again, I'm not 
      an expert on Windows NT's security model, but I believe it is generally 
      considered better than Unix's model.<BR>&nbsp;<BR><FONT color=#666600>&gt; 
      The promiscuous overwriting of system DLLs by application installers 
      is<BR>&gt; bad enough. Now we are expected to dynamically install 
      black-box ActiveX<BR>&gt; components by relying on their own claims that 
      they're "signed" and<BR>&gt; "safe". To me, these are not components, but 
      patches, and so are all the<BR>&gt; frantic attempts to fix the 
      fundamental flaws in the architecture itself.<BR></FONT>&nbsp;<BR>I don't 
      see how downloading, say, Macromedia FLASH can be seen as a "patch". What 
      do you mean by the "fundamental flaws" in the architecture? If you're 
      talking about Windows 9x, forget it. No one ever (<B>seriously</B>) 
      claimed that it was secure.<BR>&nbsp;<BR>Peter<BR>&nbsp;<BR><FONT 
      face=courier size=2>--<BR>Peter J. <B>Torr</B> - Microsoft Windows Script 
      Program Manager<BR><A 
      href="http://www.deja.com/profile.xp?author=ptorr@xxxxxxxxxxxxx&amp;ST=QS";>ptorr@xxxxxxxxxxxxx</A> 
      - <A 
      href="http://msdn.microsoft.com/scripting/";>http://msdn.microsoft.com/scripting/</A><BR>Please 
      do not e-mail me with questions - post them to this<BR>newsgroup instead. 
      Thank you!<BR></FONT></FONT></P></TD></TR></TBODY></TABLE>
</FONT></DIV>
<DIV><FONT face="Arial, Helvetica, sans-serif" 
size=2>==============//////////////////====================////////////////////==================</FONT></DIV>
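<DIV><FONT size=2>Ian's news flash above points at MS99-032, a fix for ActiveX controls that register themselves as "Safe for Scripting" when they should not, and Peter Torr's post describes the browser side of that trust decision: once a control is marked safe, a web page or an HTML mail can script it without any prompt. As an added example that is not part of this mail, of the Wired articles or of the newsgroup post, the Python below audits a Windows registry export for controls registered in the Safe-for-Scripting component category and reports which of them lack the Internet Explorer kill bit. The category CLSID and the kill-bit key are Microsoft's documented registry locations; the control CLSIDs, control names and the embedded sample export are constructed for the demonstration and identify no real control.</FONT></DIV>

```python
"""Audit a Windows registry export for ActiveX controls marked Safe for Scripting.

Added example; not code from the original mail, the Wired articles, the
newsgroup post or Microsoft. The component-category and kill-bit locations
are Microsoft's documented registry paths; SAMPLE_REG below is constructed
for this demonstration and names no real control.
"""
import re
from typing import Dict, List, Tuple

# A control that wants IE to script it without prompting registers this
# category under HKCR\CLSID\{clsid}\Implemented Categories.
CATID_SAFE_FOR_SCRIPTING = "{7DD95801-9882-11CF-9FA9-00AA006C42C4}"

# The kill bit: IE refuses to load a control whose CLSID has bit 0x400 set in
# the "Compatibility Flags" value under this key, whatever the control claims.
KILLBIT_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility"
KILL_BIT = 0x400

RegDump = Dict[str, Dict[str, object]]  # upper-cased key path -> {VALUE NAME: value}

# Constructed sample export in the format regedit / reg.exe write.
# The control CLSIDs are placeholders, not real controls.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{11111111-2222-3333-4444-555555555555}]
@="Example Diagnostics Control (constructed)"

[HKEY_CLASSES_ROOT\CLSID\{11111111-2222-3333-4444-555555555555}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]

[HKEY_CLASSES_ROOT\CLSID\{aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}]
@="Example Media Control (constructed)"

[HKEY_CLASSES_ROOT\CLSID\{aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]

[HKEY_CLASSES_ROOT\CLSID\{99999999-8888-7777-6666-555555555555}]
@="Example Control not marked safe (constructed)"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11111111-2222-3333-4444-555555555555}]
"Compatibility Flags"=dword:00000400
"""

_VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')


def parse_reg(text: str) -> RegDump:
    """Parse a REGEDIT4 / 'Windows Registry Editor Version 5.00' export.

    Understands [key] headers, @= and "name"= string values and dword values;
    anything else is stored as its raw right-hand side. Key and value names are
    upper-cased because the registry compares them case-insensitively.
    """
    keys: RegDump = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";") or line.startswith("Windows Registry Editor") or line == "REGEDIT4":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].upper()
            keys.setdefault(current, {})
            continue
        m = _VALUE_RE.match(line)
        if current is None or not m:
            continue
        name = "" if m.group(1) == "@" else m.group(1)[1:-1]
        rhs = m.group(2).strip()
        if rhs.startswith("dword:"):
            value: object = int(rhs[len("dword:"):], 16)
        elif len(rhs) >= 2 and rhs.startswith('"') and rhs.endswith('"'):
            # .reg escapes backslashes and quotes inside string values
            value = rhs[1:-1].replace('\\"', '"').replace("\\\\", "\\")
        else:
            value = rhs
        keys[current][name.upper()] = value
    return keys


def audit_safe_for_scripting(dump: RegDump) -> List[Tuple[str, str, bool]]:
    """Return (clsid, description, kill_bit_set) for every control registered
    in the Safe-for-Scripting category, sorted by CLSID."""
    cat_re = re.compile(
        r"^HKEY_CLASSES_ROOT\\CLSID\\(\{[0-9A-F-]{36}\})\\IMPLEMENTED CATEGORIES\\"
        + re.escape(CATID_SAFE_FOR_SCRIPTING) + "$")
    findings = []
    for path in dump:
        m = cat_re.match(path)
        if not m:
            continue
        clsid = m.group(1)
        desc = str(dump.get(f"HKEY_CLASSES_ROOT\\CLSID\\{clsid}", {}).get("", ""))
        flags = dump.get(f"{KILLBIT_KEY.upper()}\\{clsid}", {}).get("COMPATIBILITY FLAGS", 0)
        killed = isinstance(flags, int) and bool(flags & KILL_BIT)
        findings.append((clsid, desc, killed))
    return sorted(findings)


def unmitigated(dump: RegDump) -> List[str]:
    """CLSIDs a web page or HTML mail can still script: marked safe, no kill bit."""
    return [clsid for clsid, _desc, killed in audit_safe_for_scripting(dump) if not killed]


if __name__ == "__main__":
    dump = parse_reg(SAMPLE_REG)
    for clsid, desc, killed in audit_safe_for_scripting(dump):
        print(f"{clsid} {desc!r}: {'kill bit set' if killed else 'NO KILL BIT, scriptable from IE'}")
```

<DIV><FONT size=2>On a real machine, export HKCR\CLSID and the ActiveX Compatibility key with regedit or reg.exe, decode the files as UTF-16 (version 5.00 exports are UTF-16LE) and pass the concatenated text to parse_reg. Two caveats: a control can also answer the safety question at run time through IObjectSafety instead of the static category, so a control missing from this report may still declare itself safe when IE asks; and the report only shows which controls claim to be safe, not whether the claim is true, which is exactly the problem MS99-032 addressed.</FONT></DIV>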
<DIV><FONT size=2><FONT face="Arial, Helvetica, sans-serif" 
size=3></FONT></FONT>&nbsp;</DIV>
<DIV><FONT size=2><FONT face="Arial, Helvetica, sans-serif" size=3><B>'A Flaw 
Worse Than Melissa'</B><BR><FONT face="Verdana, Arial, Geneva, sans-serif" 
size=1><B>by Declan McCullagh 
</B></FONT><BR><BR><FONT color=#ff0000 face="Verdana, Arial, Geneva, sans-serif" 
size=1>4:50&nbsp;p.m.&nbsp;&nbsp;26.Aug.99.PDT</FONT><BR><!-- START_OF_BODY --><FONT 
face="Verdana, Arial, Geneva, sans-serif" size=2>WASHINGTON -- A team of 
computer scientists has discovered a bug in tens of millions of Microsoft 
Windows computers that lets an attacker take control of a PC by sending an email 
message. </DIV>
<P>The security hole, present in most copies of Windows 95 and all versions of 
Windows 98, would allow a malcontent to conceal malicious computer code in an 
email message or Web page that can surreptitiously modify files, reformat a hard 
drive, or execute any DOS command. 
<P>
<CENTER>
<HR noShade>
See also: <A 
href="http://www.wired.com/news/news/technology/story/21456.html";>Swatting Down 
the Win 98 Bug</A> 
<HR noShade>
</CENTER>
<P>
<P>"It's the Melissa virus, but even worse," says <A 
href="http://www.cs.rice.edu/~dwallach/";>Dan Wallach</A>, an assistant professor 
of computer science at Rice University who is one of the team members. "The 
Melissa virus required someone to click 'OK.' This doesn't." 
<P>Microsoft has acknowledged the backdoor. This week, after the researchers 
contacted the company, it released an <A 
href="http://www.microsoft.com/Security/Bulletins/MS99-031.asp";>upgraded 
version</A> of its Java virtual machine that fixes the problem. 
<P>But the tens of millions of Windows users who have not downloaded the patch 
and have not disabled Java remain vulnerable to anyone who knows the technical 
details of the bug. 
<P>At risk are Windows users who read email using programs like Outlook, Outlook 
Express, and Qualcomm's Eudora that use Microsoft's viewing software and have 
fairly recent versions of its Java virtual machine. A Trojan Horse sent via 
email will be executed as soon as the message is viewed -- without any 
prompting. 
<P>Web browsing with Internet Explorer 4.0 and 5.0 can be dangerous if users 
click on a Web site with malicious Java -- but Netscape's browsers are immune. 
"If you use Navigator, you're not vulnerable to this attack," says Rice 
University's Wallach. 
<P>Other members of the team include <A 
href="http://www.cs.princeton.edu/~ddean/";>Drew Dean</A> and <A 
href="http://www.cs.princeton.edu/~balfanz/";>Dirk Balfanz</A> of Xerox PARC, and 
Princeton computer science professor <A 
href="http://www.cs.princeton.edu/~felten/";>Ed Felten</A>, best known for his 
testimony as the government's technical expert in the Microsoft antitrust case. 
<P>All are current or former members of Princeton's <A 
href="http://www.cs.princeton.edu/sip/";>Secure Internet Programming group</A>, 
which has revealed many security vulnerabilities in Java implementations over 
the last four years. 
<P>This attack works by repeatedly sending a specific message to a Java thread, 
exploiting what computer scientists call a race condition. Usually, Microsoft's 
Java virtual machine does the right thing by barring a program from executing 
dangerous functions. 
<P>But the attacking program the researchers showed to Wired News doesn't give 
up. Each try takes scant milliseconds, and in less than a second, the Java VM's 
security is toast. Thanks to that programming flaw in Microsoft's Java class 
library, the hostile Java program has full system privileges and can, 
essentially, do whatever it wants. 
<P>The four-person team of security researchers jointly unearthed the 
vulnerability during a brainstorming session last month at Dean's home in Palo 
Alto, California. "It began with looking at a piece of Microsoft code and 
saying, 'That's sloppy!'" says Wallach, who says the team will not release the 
source code of the Java program that exploits the vulnerability. 
<P>After the researchers tipped off Microsoft last Thursday evening, the company 
quickly scrambled to fix the error. "At that point we had to find the developers 
and call a conference and get to writing the code and testing it to verify we 
fixed it," said John Montgomery, MS product manager. 
<P>"It doesn't just happen to us. If you look at <A 
href="http://www.cert.org/";>CERT</A> [Computer Emergency Response Team], most of 
the advisories posted are for Unix.... Building sophisticated software is hard. 
Giving people a rich user experience means you're going to run into situations 
where that can be abused," Montgomery said. 
<P>A Microsoft <A 
href="http://www.microsoft.com/Security/Bulletins/MS99-031faq.asp";>security 
bulletin</A> says the glitch lets anyone "create, delete or modify files on the 
user's computer, reformat the hard drive, copy data to or from a Web page, or 
take other desired action." 
<P>A Microsoft spokesman stressed that the company had made the patch available 
on its Web site within a few days. 
<P>The original glitch seems to originate in the Java code provided by Sun to 
companies including Microsoft. Security experts say Sun and Netscape have 
already fixed the problem in their Java VM implementations. 
<P>To disable Java in Outlook, go to the Security tab in the "Outlook Options" 
dialog box and select "restricted sites zone." Then, in the Windows control 
panel "Internet Options," go to "Restricted sites/Custom level" and scroll down 
and "Disable Java." 
<P>Users of Unix, Linux, and Macintosh computers are not affected. <BR><BR><FONT 
face="Verdana, Arial, Geneva, sans-serif" size=2><B><I>Related Wired 
Links:</I></B></FONT><BR><IMG height=10 
src="http://static.wired.com/news/images/pix155.gif"; width=155><BR><FONT 
face="Arial, Helvetica, sans-serif" size=2><B><A 
href="http://www.wired.com/news/news/business/story/21442.html";>Locking Windows' 
Backdoors</A></B></FONT><BR><FONT color=#ff0000 
face="Verdana, Arial, &#10;Geneva, &#10;sans-serif" 
size=1>26.Aug.99</FONT><BR><BR><FONT face="Arial, Helvetica, sans-serif" 
size=2><B><A 
href="http://www.wired.com/news/news/technology/story/20916.html";>Same Hole, 
Different Exploit</A></B></FONT><BR><FONT color=#ff0000 
face="Verdana, Arial, &#10;Geneva, &#10;sans-serif" 
size=1>23.Jul.99</FONT><BR><BR><FONT face="Arial, Helvetica, sans-serif" 
size=2><B><A 
href="http://www.wired.com/news/news/technology/story/19160.html";>Another 
Privacy Hole in IE 5.0?</A></B></FONT><BR><FONT color=#ff0000 
face="Verdana, Arial, &#10;Geneva, &#10;sans-serif" 
size=1>16.Apr.99</FONT><BR><BR><FONT face="Arial, Helvetica, sans-serif" 
size=2><B><A 
href="http://www.wired.com/news/news/technology/story/18819.html";>Melissa, 
Spawned by Spam</A></B></FONT><BR><FONT color=#ff0000 
face="Verdana, Arial, &#10;Geneva, &#10;sans-serif" 
size=1>30.Mar.99</FONT><BR><BR><FONT face="Arial, Helvetica, sans-serif" 
size=2><B><A 
href="http://www.wired.com/news/news/technology/story/18016.html";>New NT 
Security Risk Uncovered</A></B></FONT><BR><FONT color=#ff0000 
face="Verdana, Arial, &#10;Geneva, &#10;sans-serif" 
size=1>19.Feb.99</FONT><BR><BR><FONT face="Arial, Helvetica, sans-serif" 
size=2><B><A 
href="http://www.wired.com/news/news/technology/story/14044.html";>Microsoft 
Patches NT Hole</A></B></FONT><BR><FONT color=#ff0000 
face="Verdana, Arial, &#10;Geneva, &#10;sans-serif" 
size=1>28.Jul.98</FONT><BR><BR></FONT><!-- END_OF_BODY --></B><!-- TRACKING --></FONT></FONT></BODY></HTML>
</x-html>