Microsoft Patching 17-year-old Windows/DOS Bug
A patch is on the way to fix up that ancient Virtual DOS Machine flaw.
Last month we reported that Tavis Ormandy, a security researcher at Google, discovered a security flaw in the Virtual DOS Machine that can allow a nefarious user to inject code into the kernel and possibly install malware.
The flaw spanned iterations of Windows operating system over the last 17 years, including:
- Windows 2000
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
According to the BBC, Microsoft will be rolling out a fix to this bug in a February Security Update. The update will fix five vulnerabilities that allow attackers to hijack a Windows PC and run their own programs on it.
The patch is expected to hit on Tuesday, February 9 but it's a good idea to have automatic updates turned on so that your OS will do the checking for you.
- Microsoft Disagrees With 'Clumsy' Criticisms
- Diablo III's Female Monk Spotted on Camera
- Buy Office 2007, Get Office 2010 for Free?
- Nvidia On Optimus: No Comment
- Dell Precision Laptop Gets Core i5, USB 3.0
- Former VP Calls Microsoft Clumsy, Uncompetitive
- Samsung's Transparent OLED Laptop Coming Soon
- Adobe Responds to Steve Jobs' 'Lazy' Comments
- Intel Announces Core i5, Core i7 With vPro
- China Closes Hacker Training Site w/ 180K Users
- RWS: Postal III is "Looking Good"
- Harddrives to Hit 3TB Capacities By November
- IBM Launches New Octa-core Chips and Servers
- PICTURED: Gigabyte's M1405 with External GPU
- Nvidia: External Laptop GPUs Are "Big Opportunity"
- Google Runs 3-month Old Video as Super Bowl Ad
- FAST! IBM Develops 100GHz Transistor Device
- Video: Are Intel Core CPUs Better than this Robot?
Yay, 4 more days for hackers to have fun with it.
Time to boot up my Windows 3.1 System for updates
kernal???
Use spell check please.
oh but I though windows 7 was entirely rewritten from scratch......
sons of b***es been lying to us AGAIN!!!
I dont mean to be crude but thats just how I feel now. I feel cheated on by MICROSOFT.
then again, im sure we all do
yay
they finally fixed it.
Better late then never I guess....
MSFT is rocking the code reuse. OOP is FTL?
Hmm... you mention Server 2008 but not Server 2008 R2 but yet you mention Vista and Win 7?
========
One more thing: This ONLY affects 32 bit Windows Versions!
See: http://www.microsoft.com/technet/s [...] 79682.mspx
=======
Affected Software
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows Server 2003 Service Pack 2
Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2*
Windows 7 for 32-bit Systems
Non-Affected Software
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for Itanium-based Systems
Get rid of Windows, use Linux :-)
oh but I though windows 7 was entirely rewritten from scratch......sons of b***es been lying to us AGAIN!!!
Some how i dont think they lie. In fact they never mentioned it was rewritten.
it certainly improved coding from windows vista but not rewritten.
Hmm... you mention Server 2008 but not Server 2008 R2 but yet you mention Vista and Win 7?========One more thing: This ONLY affects 32 bit Windows Versions!See: http://www.microsoft.com/technet/s [...] 79682.mspx=======Affected SoftwareMicrosoft Windows 2000 Service Pack 4Windows XP Service Pack 2 and Windows XP Service Pack 3Windows Server 2003 Service Pack 2Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2*Windows 7 for 32-bit SystemsNon-Affected SoftwareWindows XP Professional x64 Edition Service Pack 2Windows Server 2003 x64 Edition Service Pack 2Windows Server 2003 with SP2 for Itanium-based SystemsWindows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2Windows 7 for x64-based SystemsWindows Server 2008 R2 for x64-based SystemsWindows Server 2008 R2 for Itanium-based Systems
+1 nice find shadow.
Good thing X-Box'es are written from scratch.
...
Oh wait...
Cheers! xD!
Good job getting that fixed in a timely fashion!
And what are they going to do on your PC? Play Solitaire!
Microsoft never stated that Windows 7 was written from scratch, you must of dreamed that. Windows
7 is a Vista make over. They took vista and deleted all the main complaints and added the top features
everyone suggested. Any 64 bit driver that was written for Vista will work with 64 bit Win 7, i have downloaded and used 6 Vista drivers for my Windows 7 including but not limited to Printer, and they all
work perfectly. This is such a small hacker risk that Microsoft didn't feel the need to address it till now, and
probably the only reason their addressing it is to shut a few people up. Go Windows 7(Vista)...........
Get rid of Windows, use Linux :-)
I would love to, but unfortunately I need Windows to play me games (ie Crysis, Far Cry,etc).
yep, programming is hard so it is understandable, taking 17 years to patch a security problem, especially when your busy making the OS slower and adding useless eye candy.
Microsofts response to taking 17 years
"Do you want it done fast or do you want it done right"
Time to boot up my Windows 3.1 System for updates
heh, +1 good sir.
I would love to, but unfortunately I need Windows to play me games (ie Crysis, Far Cry,etc).
http://www.youtube.com/watch?v=USni2nTweOE
Not sure how well it works tho.
http://www.youtube.com/watch?v=USni2nTweOENot sure how well it works tho.
Doesn't work well at all unless you enjoy 1024*720 and slide shows.
Only took 17 years...
Time to boot up my Windows 3.1 System for updates
yeah its about damn time, was i the only one that caught this 17 years ago? lmao jk
Shadow703793 good work. I'm glad i took advantage of the 64 bit environment they actually had to really start from scratch with this peace of code
This bug must have been a 17-year Cicada...
http://en.wikipedia.org/wiki/Magicicada
must not have been much of a bug.
kernal???Use spell check please.
Maybe you should take your own advice.
Well at least they're doing something about rather than do nothing.
There WERE just doing nothing about it. Now FINALLY they're doing something about it!
kernal???Use spell check please.
It's not a kernel of corn dude...
Take a researcher from a competitor to finally persuade MS to act.
Friendly competition benefits us all.
better late than never?