17-year-old Windows Flaw Affects All Since NT
Windows Virtual DOS Machine bug from 17 years ago affects Windows 7 users today.
We often hear of Windows security bugs that plague a recent version of the operating system that many are still using today, but rarely do we hear of a bug that reaches all the way back – 17 years – to Windows NT.
Tavis Ormandy, a security researcher at Google, discovered a security flaw in the Virtual DOS Machine that can allow a nefarious user to inject code into the kernal and possibly install malware.
Given that all modern versions of Windows still feature the Virtual DOS Machine, this is a vulnerability that still exists today.
"All 32bit x86 versions of Windows NT released since 27-Jul-1993 are believed to be affected, including but not limited to the following actively supported versions:
- Windows 2000
- Windows XP
Stay on the Cutting Edge
Join the experts who read Tom's Hardware for the inside track on enthusiast PC tech news — and have for over 25 years. We'll send breaking news and in-depth reviews of CPUs, GPUs, AI, maker hardware and more straight to your inbox.
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7"
Microsoft has yet to respond to the flaw, and until it does with a patch, Ormandy recommends the following as a way to mitigate the hole:
"Temporarily disabling the MSDOS and WOWEXEC subsystems will prevent the attack from functioning, as without a process with VdmAllowed, it is not possible to access NtVdmControl() (without SeTcbPrivilege, of course).
"The policy template "Windows Components\Application Compatibility\Prevent access to 16-bit applications" may be used within the group policy editor to prevent unprivileged users from executing 16-bit applications. I'm informed this is an officially supported machine configuration."
-
Jerky_san I thought vista and win 7 were totally re-wrote? Suppose they couldn't rewrite everything.. Luckily it seems to only effect 32bit =)Reply -
bitterman0 It is, naturally, not a bug but a feature preserved for backward compatibility reasons, like bugs in INT 21 functions since early DOS versions.Reply -
JD13 Can Bill Gates still write code? This may need his personal touch.....Reply
It has nothing to do with 32 vs 64 bit , but more so with MS-DOS compatibility. Disable DOS & you're fine. -
david714 Big deal... "Possibly install malware", just how real is this bug? MSFT will have it fixed in a week and it will all be forgotten.Reply -
back_by_demand So doesn't affect 64 bit or those who have DOS disabled?Reply
I'm quaking in my boots...