Only very recently Microsoft was implied in a Chinese hack on Google’s property because of a 0 day vulnerability. While the rumors have not even died out and while France and Germany have advised people not to use Internet Explorer anymore, more really bad news hits the streets; Another 0 day vulnerability in all Microsoft Windows kernels from Juli 1993 and onwards has been discovered and published.
My favorite security site security.nl reports on this in Hacker vindt nieuw lek in Windows kernel. Apparently the vulnerability is really in the heart of the Windows kernel as it is caused by the possibility to run 16-bit applications. Tavis Ormandy who found this vulnerability says that the best thing to do for system administrators (yes this includes you if your PC runs Microsoft Windows) is to shut-off the WOWEXEC and the MSDOS subsystems. Maybe any of my blog readers can elaborate on how to do this as I have not used Microsoft Windows for many years now and couldn’t tell you how to do it.
If you know how to read technical documents I can recommend reading Tavis Ormandy’s advisory on the subject. Even though Microsoft has acknowledged this vulnerability on June 12th, 2009, there’s still no patch available from Microsoft. My best guess is that Microsoft must be thinking much like govcert, the Dutch emergency response team that recently did not follow the French and German government because “‘Dat is nogal wat. We zien nog geen misbruik van het lek en wachten daarom met waarschuwen totdat Microsoft met een patch komt die afdoende is.” (That’s quite something. We don’t see anybody taking advantage of the leak yet and wait for that reason with warning until Microsoft comes with a patch that actually fixes the problem”). (source: Microsoftfix voor IE-lek werkt onvoldoende)
Oh and if you’re reading this because you’re one of my Facebook friends, please do not forget to read Friends!
