
17-year-old Windows Flaw Affects All Since NT

Source: Tom's Hardware US

Windows Virtual DOS Machine bug from 17 years ago affects Windows 7 users today.

We often hear of Windows security bugs that plague a recent version of the operating system that many are still using today, but rarely do we hear of a bug that reaches all the way back – 17 years – to Windows NT.

Tavis Ormandy, a security researcher at Google, discovered a security flaw in the Virtual DOS Machine that can allow a nefarious user to inject code into the kernel and possibly install malware.

Given that all modern versions of Windows still feature the Virtual DOS Machine, this is a vulnerability that still exists today.

Ormandy wrote:

"All 32bit x86 versions of Windows NT released since 27-Jul-1993 are believed to be affected, including but not limited to the following actively supported versions:

    - Windows 2000
    - Windows XP
    - Windows Server 2003
    - Windows Vista
    - Windows Server 2008
    - Windows 7"

Microsoft has yet to respond to the flaw; until it issues a patch, Ormandy recommends the following mitigation:

"Temporarily disabling the MSDOS and WOWEXEC subsystems will prevent the attack from functioning, as without a process with VdmAllowed, it is not possible to access NtVdmControl() (without SeTcbPrivilege, of course).

"The policy template "Windows Components\Application Compatibility\Prevent access to 16-bit applications" may be used within the group policy editor to prevent unprivileged users from executing 16-bit applications. I'm informed this is an officially supported machine configuration."
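
An added example (not from the article or from Ormandy's advisory): a read-only PowerShell check of whether the 16-bit policy workaround quoted above is in force on a host. The registry location (the `VDMDisallowed` value under the machine AppCompat policy key) and the function name are assumptions of this example, and it checks only the workaround, not patch status.

```powershell
# Added example: audit the workaround above on the local host (read-only).
# Assumption: the "Prevent access to 16-bit applications" policy is stored as
# the DWORD value VDMDisallowed under the machine AppCompat policy key.
function Get-VdmPolicyStatus {
    param(
        [string]$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppCompat'
    )

    # The quoted advisory covers 32-bit x86 Windows only.
    $is32BitOs = ($env:PROCESSOR_ARCHITECTURE -eq 'x86') -and
                 (-not $env:PROCESSOR_ARCHITEW6432)

    # ntvdm.exe is the Virtual DOS Machine host process.
    $ntvdmPath = Join-Path $env:SystemRoot 'System32\ntvdm.exe'
    $ntvdmPresent = Test-Path -LiteralPath $ntvdmPath

    # A missing key or value means the policy is "Not Configured".
    $setting = $null
    $prop = Get-ItemProperty -LiteralPath $PolicyKey -Name 'VDMDisallowed' `
                             -ErrorAction SilentlyContinue
    if ($null -ne $prop) { $setting = [int]$prop.VDMDisallowed }

    if (-not $is32BitOs) {
        $verdict = 'Not applicable: not a 32-bit x86 OS'
    } elseif ($setting -eq 1) {
        $verdict = 'Workaround applied: 16-bit applications blocked'
    } elseif ($null -eq $setting) {
        $verdict = 'Workaround missing: policy not configured'
    } else {
        $verdict = 'Workaround missing: policy value allows 16-bit applications'
    }

    New-Object PSObject -Property @{
        ComputerName  = $env:COMPUTERNAME
        Is32BitOs     = $is32BitOs
        NtvdmPresent  = $ntvdmPresent
        VDMDisallowed = $setting
        Verdict       = $verdict
    }
}

Get-VdmPolicyStatus |
    Format-List ComputerName, Is32BitOs, NtvdmPresent, VDMDisallowed, Verdict
```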


Comments
Jerky_san 01/20/2010 7:08 PM
-20+

I thought Vista and Win 7 were totally rewritten? Suppose they couldn't rewrite everything.. Luckily it seems to only affect 32bit =)

Parrdacc 01/20/2010 7:09 PM
-4+

WHAT!? You gotta be kidding me! Seriously! Wow!

warezme 01/20/2010 7:11 PM
-20+

people still run 32bit? ;>

bitterman0 01/20/2010 7:21 PM
-13+

It is, naturally, not a bug but a feature preserved for backward compatibility reasons, like bugs in INT 21 functions since early DOS versions.

Bolbi 01/20/2010 7:22 PM
-19+

Glad I completed the switch to x64 (just a few weeks ago, though).

Bolbi 01/20/2010 7:24 PM
-8+

Sorry for the double post; seems like that's been happening to a few people recently!?

JD13 01/20/2010 7:24 PM
-0+

Can Bill Gates still write code? This may need his personal touch.....
It has nothing to do with 32 vs 64 bit, but more so with MS-DOS compatibility. Disable DOS & you're fine.

david714 01/20/2010 7:24 PM
-0+

Big deal... "Possibly install malware", just how real is this bug? MSFT will have it fixed in a week and it will all be forgotten.

back_by_demand 01/20/2010 7:32 PM
-5+

So doesn't affect 64 bit or those who have DOS disabled?

I'm quaking in my boots...

uh_no 01/20/2010 7:36 PM
-5+

ah....could have guessed this piece of genius was a yam production

techguy378 01/20/2010 7:57 PM
-12+

32-bit Windows 7 doesn't seem to support DOS software anyways. If I try to run the old DOS-based Scorched Earth game Windows 7 gives me an error stating it couldn't load the application. If I use the DOS Box emulator under Windows 7 then Scorched Earth runs fine.

Anonymous 01/20/2010 8:06 PM
-2+

7" - windows envy?
32-bit windows users = only about 99% of all windows users

HolyCrusader 01/20/2010 8:08 PM
-3+

This is interesting to know. Presumably, this would not affect XP64, Vista64, nor Win7x64, since none of those operating systems have any support for 16-bit applications (to the best of my knowledge).

My critical systems have been running 64-bit Operating systems for quite some time now, but my older, lower-end systems still use 32-bit XP.

noodlegts 01/20/2010 8:11 PM
-13+

Windows 7 was the last thing he said in the quote, so it was Windows 7 (end quote).

Get it?

guythepro 01/20/2010 8:21 PM
-2+

Jerky_san :
I thought Vista and Win 7 were totally rewritten? Suppose they couldn't rewrite everything.. Luckily it seems to only affect 32bit =)



Most real software is never totally re-written (sans Mozilla). When you develop a new codebase you have to deal with many more times the bugs than if you had simply modified an existing one. Code that is constantly maintained typically gets better over time.

Vestin 01/20/2010 8:21 PM
--1+

noodlegts :
Windows 7 was the last thing he said in the quote, so it was Windows 7 (end quote). Get it?


"Windows 7 Inches" sounds fine too...

steiner666 01/20/2010 8:35 PM
--2+

I think this should have been in a PM/email from this guy to Microsoft, not really something you want to have posted all over the internet for everyone to know about...

saravis4 01/20/2010 8:35 PM
-2+

I would like to know the specifics of this security flaw. VDM was created for the specific reason of eliminating the lack of security that a 16bit OS had. Is VDM not going to cut it or is this flaw BS? If it is an issue, I don't see how it can be fixed, right now, as VDM is essential for backwards compatibility, among other things.

hixbot 01/20/2010 8:37 PM
-0+

Not a bug or flaw, it's intentional for legacy compatibility. Everyone has been well aware of it for a long time, and how to plug the hole.
This isn't news.

zerghumper 01/20/2010 8:50 PM
-6+

You know though to be honest, given unlimited access over such a long period, I'm surprised more bugs haven't been found. In some respects we should be angry that our security is compromised, but in other ways we need to realize that this software was written by humans, who in essence aren't perfect, we also must realize that software like an OS requires hundreds of thousands of lines of code written by dozens of coders. These coders could not foresee every way in which their program could be hijacked, and I think in that way Windows really has shown us that it can stand the test of time, since so many have tried to find a way to destroy it.

adaman2576 01/20/2010 8:58 PM
-3+

Another thing we can add to the list of reasons why we should all switch to 64bit. I really didn't think it would take this long.

captaincharisma 01/20/2010 9:08 PM
-0+

No, virtual DOS is like included software. Windows 7 could have been rewritten but virtual DOS is not really a native part of it. The last OS that was native to DOS was Windows ME.

I could be wrong though

theholylancer 01/20/2010 9:19 PM
-1+

caffeinecarl :
Windows 7" Hahaha... What's with the inches sign? Who else noticed that?




That's the end quotation mark, as that is where the guy stopped talking and when Tom's started to talk...

It's not inches up here in Canada eh, " stands just for the quotation mark.

Scotteq 01/20/2010 9:45 PM
-3+

Can't be that big a deal. After all, if it hasn't been exploited in 17 years...

m-manla 01/20/2010 9:58 PM
-4+

That is why you have to get the 64 bit version. No need for the old 32bit. We won't even see 32bit on Windows 8.

rooket 01/20/2010 10:02 PM
-0+

warezme :
people still run 32bit? ;>



My Pentium 4 is incapable of running 64bit Windows 7. So yes.

