Microsoft Fixes 19 Year Old Windows Bug

It is very hard to find something that you were never really looking for.

The day Microsoft becomes at least as concerned about security as piracy, we'll all be much safer.

IIRC, this falls on the heels of a similar discovery earlier this year.
 
Interesting, I just downloaded a bunch of updates for my XP machine. I thought the support had ended?
Support for XP ended but they're still updating the other installed Microsoft software (like IE8, Office and WMP11).

If you look at what the updates were, they've been updating IE6 because the bugs have been around that long.

The only promise I can recall that Microsoft has reneged on was to keep Security Essentials going for XP for much longer than they did.
 
If the code works it is probably never really gone over year after year.... There is too much new code to have to be reviewed.
 
It is not possible to write secure code that doesn't require a complete reverse engineering process to validate?

Look at that community that has sprung up around identifying security exploits and you have to wonder.
 

It is a matter of probability really. I would bet that 99.99+% of Windows code is secure and not exploitable. But, there are upwards of 60 million lines of code in Windows (outside estimates). So, even 99.99% is 6000 exploits waiting to be found... It is made worse by the constant change and updating. Long gone are the days of easy exploits, now most of them are based on obscure interaction of various parts of the OS in which each part itself is secure, but the interaction sets up an exploitable situation that of course no one thought of when writing or testing the code.
 
Again, if they had chosen a different set of programming tools, maybe this would be less of an issue.

When the OOP version of "Hello World!" is ten lines of code, you're allowing lots of places for things to hide. HLL programming shouldn't require as many lines of code as assembly language.
 
I remember when someone showed us how to break into our BSD system back in the 80s, simply telnet to the SMTP program and type "shell" and poof it gave you a root shell... Yes, it was a debugging tool that was never commented out...
 
Then again, BSD didn't claim to be an enterprise class server operating system. That Microsoft stacks "wizards" on their desktop operating systems and calls them server operating systems is kind of backwards from the *nix world where servers are workstations without the extras.
 
