17 year old DOS-hole in all Windows versions since 1993!

Hi malware fighter,

A Google researcher has found a hole in Windows that has been waiting there for some 17 years. All versions of the operating system are vulnerable.

The hole is in the Virtual DOS Machine, which arrived in Windows with Windows NT 3.1, launched in 1993. VDM was added at the time to support 16-bit applications. The hole that was created then can still be found in all 32-bit Windows versions, yes, all the way up to and including Windows 7.
This was reported by Tavis Ormandy when he presented the hole. He has previously discovered another general Windows vulnerability that had been around for 8 years, and one in the Linux kernel.

Known since June last

He made the new Windows hole public because Windows did not bring out a patch, although the firm had been notified about the problem as early as June 12th 2009. Because there is an easy and effective work-around available, he decided to inform users. That is why he chose to make information about the hole public without a patch having been released.

The work-arounds can also be found in his publication. Temporarily disabling the MSDOS and WOWEXEC subsystems is all it takes to be secure. Alternatively, policies can prevent anyone from executing any 16-bit application; this is a supported practice in Windows. There are even a couple of videos that show how this is tackled.

For 17 years now…

Users are advised to act, because an attacker can inject code into the kernel during a successful attack, gaining access to sensitive parts of the OS. Exploits work for Windows XP, Windows Server 2003 and 2008, Windows Vista and Windows 7. Researching the vulnerability on other systems is left to "those interested". The Immunity firm has added the exploit to its Canvas product.

Zero-day weaks

Microsoft is researching Ormandy's claims, but states that the hole has not yet been exploited in the wild.

(Why leave it sitting there for 18 years? If one wants another proof of security through obscurity, or of "we only act once we cannot leave it any more", what further proof do you want? - remarks by me)

That Microsoft knew about the hole all along and did not take any action can be affirmed by researcher Evgeny Legerov. He says cooperation with software producers does not achieve a thing. Since he found that out, he comes up with a zero-day hole every day.

Links: http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0346.html
http://techworld.nl/technologie/15452/hacker-publiceert-zero-day-bugs-als-protest.html
http://techworld.nl/technologie/15134/drie-weken-lang-zero-day-bugs.html

Source: found and translated from Webwereld.nl

http://forum.avast.com/index.php?topic=53809.msg456165;topicseen#msg456165

Are 64-bit versions not vulnerable to this hole?

I think I can remember this being pushed as an advantage of 64-bit when I bought my XP Pro 64-bit (which I don't use because it is not supported by my Vodem wireless connect ??? I have a ticket in right this moment to sort an issue for the Vodafone NZ website, and my 64-bit moan about non-connectivity has been tacked on as well - moan = I don't see why I should have to pay again to upgrade my hardware for 64-bit connectivity). Fingers crossed.

Does the above vulnerability issue relate only to 32-bit, so my barely used XP 64-bit may possibly one day live up to the initial promise?

  • which promise included "more secure than 32-bit" as a performance proviso
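An added PowerShell example, not code from any post in this thread, tying the work-around in the first post to the 64-bit question in the second: it checks whether the machine has the 16-bit subsystem (NTVDM) at all, which 64-bit Windows does not ship, and whether the "Prevent access to 16-bit applications" policy is in force. The policy's registry path and its VDMDisallowed value are Microsoft's published setting, not something the thread names.

```powershell
# Added example, not code from any post in this thread.
# Audits a Windows machine for the two points raised above: whether the 16-bit
# subsystem (NTVDM) is present at all, and whether the "Prevent access to 16-bit
# applications" policy used as the work-around is in force. The registry location
# and the VDMDisallowed value are Microsoft's published policy setting; the thread
# itself does not name them. Run from an elevated PowerShell prompt.

$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppCompat'

function Get-NtvdmExposure {
    # 64-bit Windows ships no NTVDM, so 16-bit programs cannot run there at all.
    $is64Bit = ($env:PROCESSOR_ARCHITECTURE -eq 'AMD64') -or ($null -ne $env:PROCESSOR_ARCHITEW6432)
    $ntvdmPresent = Test-Path (Join-Path $env:SystemRoot 'System32\ntvdm.exe')

    $disallowed = $null
    if (Test-Path $PolicyKey) {
        $disallowed = (Get-ItemProperty -Path $PolicyKey -Name 'VDMDisallowed' `
                          -ErrorAction SilentlyContinue).VDMDisallowed
    }

    [pscustomobject]@{
        Is64BitOS     = $is64Bit
        NtvdmPresent  = $ntvdmPresent
        VDMDisallowed = $disallowed
        # Exposed only when a 32-bit OS still has NTVDM and the policy is not set to 1.
        Exposed       = (-not $is64Bit) -and $ntvdmPresent -and ($disallowed -ne 1)
    }
}

function Disable-Ntvdm {
    # Applies the work-around: create the policy key if needed and set VDMDisallowed = 1.
    if (-not (Test-Path $PolicyKey)) { New-Item -Path $PolicyKey -Force | Out-Null }
    Set-ItemProperty -Path $PolicyKey -Name 'VDMDisallowed' -Value 1 -Type DWord
}

# Report the current state, apply the policy only where the machine is exposed,
# and show the state again so the change is visible.
$before = Get-NtvdmExposure
$before | Format-List
if ($before.Exposed) {
    Disable-Ntvdm
    Get-NtvdmExposure | Format-List
}
```

On a 64-bit system the report shows NtvdmPresent as False and Exposed as False, which is the architectural reason the 16-bit path is absent there; on 32-bit systems the policy value is what closes it.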

The vulnerability has been mentioned again lately, after it was discovered many months ago (last June), because MS addressed it along with a series of patches a few weeks ago. It should be solved now (normally…).

In 2006 the future was going to be 64-bit - and still is.
But Vista 32-bit could run well enough with 2 GB RAM and a dual-core.

Still lots of nice Vista 64-bit laptops around - a more secure option for users? Of course.