Microsoft finally gets around to patching 17-year-old Windows bug

“A 17-year-old bug in Windows will be patched by Microsoft in its latest security update,” BBC News reports. “The February update for Windows will close the loophole that involves the venerable DOS operating system.”

MacDailyNews Take: Venerable? Not in these parts.

The Beeb continues, “First appearing in Windows NT 3.1, the vulnerability has been carried over into almost every version of Windows that has appeared since. The monthly security update will also tackle a further 25 holes in Windows, five of which are rated as ‘critical.’”

“The ancient bug was discovered by Google security researcher Tavis Ormandy in January 2010 and involves a utility that allows newer versions of Windows to run programs that date from the DOS era,” The Beeb reports. “Mr Ormandy has found a way to exploit this utility in Windows XP, Windows Server 2003 and 2008 as well as Windows Vista and Windows 7.”

The Beeb reports, “The patch for this vulnerability will appear in the February security update. Five of the vulnerabilities being patched at the same time allow attackers to effectively hijack a Windows PC and run their own programs on it.”

Full article here.

MacDailyNews Take: Our headline says it all.

27 Comments

  1. Does anyone at the Beeb know how to copy edit? DOS stands for Disk Operating System. Without the acronym, the sentence would read, “The February update for Windows will close the loophole that involves the venerable Disk Operating System operating system.”

  2. @Adam. I believe DOS originally came from QADOS (Quick And Dirty Operating System) the internal nickname for the project of stealing Gary Kildall’s CP/M system. Kildall had never reached terms with Bill Gates and IBM, so they found someone to copy it. As I understand it, they dropped the QA and renamed the D.

  3. The point that everyone missed is that M$ had to keep the hole open. M$’s bag for many years was that you just upgraded the OS and not any of your other software. That way you can enjoy the latest version of solitaire even if you still use WordPerfect 5.0 or Word Star for your documents… This is one of the dumbest moves M$ made in their evolution.

    just my $0.02

  4. @m159: Close. QDOS (no “A”) was a competing product to CP/M that Microsoft purchased to work into MS-DOS. QDOS was indeed a rip-off of CP/M, out-and-out copying large chunks of CP/M’s source code. However, Microsoft’s position was that the plagiarism happened before they bought the product and that they were unaware of it when they made the purchase. The courts found that it couldn’t be proved otherwise and so Microsoft wasn’t liable.

    (Mind you, if Microsoft did secretly have something to do with the plagiarism, it wouldn’t shock me. Microsoft’s business model of copying what exists already goes right back to the beginning, when Bill Gates used to rummage through trash cans for code printouts at his school.)

    ——RM

  5. @Robin
    Thanks for the clarification. I’ve heard various stories about Kildall’s no deal with Microsoft/IBM. One that he was a bit of a flake, or that he was holding out for better terms, or that he simply despised Gates. Certainly Kildall was not as conniving. I’m convinced Gates has no technological vision at all, but rather is a driven game-player working with predatory contracts and deals, like his daddy.

  6. LordRobin and m159,
    A few years back I read an article online about a former M$ employee who worked on Winblows Media Player. He said that they had 3 white boards in a conference room with blown up screenshots of iTunes and Real Player on two of them and chose pieces of each interface to put on the third board which was for WMP.

    Sorry, can’t find link in my cursory Google search here at work.

  7. “security researcher”

    That sounds like a fun job. I want to be a bank security researcher.

    “To be fair, it was only discovered in January 2010. That’s not terribly unresponsive.”

    Only discovered by “the good guys.” How long have the blackhats known about this? Was it useful for exploitation?

  8. @Adam

    but DOS is also a trademark, so I think the BBC copy is correct. I don’t recall any descriptions of the operating system on early PCs reading “Operating system: Disk” but I do recall things like “operating system: DOS”
