WinInfo Daily UPDATE—brought to you by the Windows & .NET Magazine Network
http://www.winnetmag.net
THIS ISSUE SPONSORED BY
Availability Monitoring for Windows
http://www.mkssoftware.com/aceval/
August 22, 2002—In this issue:
1. NEWS AND VIEWS
- Microsoft Security Vulnerability: Fact or Fiction?
2. ANNOUNCEMENT
- Enter the Windows & .NET Magazine/Transcender Sweepstakes!
3. CONTACT US
- See this section for a list of ways to contact us.
1. NEWS AND VIEWS
(contributed by Paul Thurrott, [email protected])
Yet another Microsoft controversy is in the news this week. This controversy involves a so-called Windows Shatter Attack that is "unfixable" because the only reliable solution reportedly requires functionality that Windows doesn't have. Predictably, several news agencies have latched onto the story, foretelling the upcoming demise of Windows. But as Microsoft points out, for the Shatter Attack to do any damage, an intruder must gain access to a user's system. And, according to the company's Ten Immutable Laws of Security (see URL below), after this situation occurs, the user's system already has been exploited. Thus, Microsoft says, the Shatter Attack doesn't represent a Windows vulnerability but illustrates what can happen when users ignore basic security practices.
Programmer Chris Paget authored an online white paper that describes the Shatter Attack and other attack methods (see the second URL below). According to Paget, Microsoft Group Vice President Jim Allchin's comments during the company's antitrust trial inspired Paget's research. Allchin said that certain flaws in Windows were so serious that if the company revealed the Windows source code, information about the flaws would threaten national security. Allchin then mentioned the Windows message-queuing subsystem, and Paget got to work looking for flaws. The Shatter Attack is apparently one successful result of his research.
Microsoft's response to Paget's attack is credible, however. After noting that the Shatter Attack is just a new approach to an old issue that the company has known about for years, a Microsoft spokesperson told Paget in an email that his attack requires that a system be compromised before the attack can do any damage. "The attack you describe either requires [users] to run an attacker's program on their [systems] or the attacker needs to have access to the [users' systems]," the email reads. "In either case, the attacker has been allowed to cross a security boundary. In our essay, the 'Ten Immutable Laws of Security,' these are Law #1—'If a bad guy can persuade you to run his program on your computer, it's not your computer anymore,' and Law #3—'If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.'"
Obviously, the Shatter Attack isn't the real problem. The problem is the email virus that could deliver the attack or any other delivery vehicle that gives an attacker remote or physical access to a user's system. Thus, the details of the attack matter little.
The Ten Immutable Laws of Security
2. ANNOUNCEMENT
(brought to you by Windows & .NET Magazine and its partners)
Nothing can help you prepare for certification like Transcender products, and no one can help you master your job like Windows & .NET Magazine. Enter our combined sweepstakes contest, and you could win a Transcender Deluxe MCSE Select Pak (a $729 value) or one of several other great prizes. Sign up today!
http://www.winnetmag.com/sub.cfm?code=swei202fus
3. CONTACT US
Here's how to reach us with your comments and questions:
- ABOUT NEWS AND VIEWS — [email protected]
- ABOUT THE NEWSLETTER IN GENERAL — [email protected]
(please mention the newsletter name in the subject line)
- TECHNICAL QUESTIONS — http://www.winnetmag.net/forums
- PRODUCT NEWS — [email protected]
- QUESTIONS ABOUT YOUR WININFO DAILY UPDATE SUBSCRIPTION?
Customer Support — [email protected]
- WANT TO SPONSOR WININFO DAILY UPDATE?
[email protected]
This daily email newsletter is brought to you by Windows & .NET Magazine, the leading publication for Windows professionals who want to learn more and perform better. Subscribe today.
http://www.winnetmag.com/sub.cfm?code=wswi201x1z
Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters.
http://www.winnetmag.net/email
Thank you for reading WinInfo Daily UPDATE.