|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
10-13-2008
| #1 (permalink) |
| Microsoft® Windows Vista™ Ultimate x64 SP2 Windows 7 7127 x64 | The 8 most dangerous Windows vulnerabilities The 8 most dangerous Windows vulnerabilities The bugs that caused the most serious damage Andrew Brandt Uncovering and exploiting Windows vulnerabilities has become as sport for many, and in a number of cases, even a career. We've rounded up a list of the worst Windows flaws we've endured since the introduction of Windows 98 Windows may be one of the world's most popular operating systems, but it's swamped with bugs that leave it open to exploits. No matter which version you choose; Vista, XP, 2000 or even 98, you're sure to find some area of the OS that has been compromised thanks to a bug. In fact, uncovering and exploiting Windows vulnerabilities has made sport for many and careers for many more. Entire industries have sprung up to protect Windows users from previously unknown flaws, while malware authors have matured their practices from juvenile pranks to moneymaking criminal enterprises. These errors, buried in millions of lines of code, have steered great corporations and turned the tide of fortunes. It's high time they got the credit they deserve. We've rounded up a list of the worst Windows flaws we've endured since the introduction of Windows 98. The password 'password' would have been more secure Bug identifier: VCE-2000-0979, MS00-072 Description: Share Level Password vulnerability Alias: Windows 9x share password bypass Date published: October 10, 2000 Windows 9x introduced a nifty little concept wherein users could host a password-protected mini file server, aka a share, on their PCs. The idea was simple: allow users of networked computers to host and share files securely. Only the padlock Microsoft used to lock the door came equipped with a gaping hole that rendered it useless. "When processing authentication requests for a NetBIOS share, Windows 95/98 would look at the length of the password sent by the attacker and then only compare that number of bytes to the real password," says vulnerability expert HD Moore, who manages the Metasploit Framework project. "This let the attack specify a password of zero bytes and gain access to the share," without actually knowing the password at all," Moore explains. "The real damage," he continues, "was that by trying all characters of incrementing lengths, they could literally obtain the password for share from the server." Upshot: Rather than functioning as a lock on a door, the password authentication scheme for Windows 95/98's File and Print Sharing acted more like a nail through a hasp - to open the door you only needed to pull out the nail, with hardly any effort. NEXT PAGE: Total server control with a single URL
read more on http://www.pcadvisor.co.uk/news/index.cfm?newsid=105475 |
My System Specs |
|
10-16-2008
| #2 (permalink) |
| Windows 7 Ultimate 32 bit Beta, Vista Ultimate x86 | Re: The 8 most dangerous Windows vulnerabilities Hi echrada, I wonder how many of these "bugs" continue to apply to Vista? |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Is this dangerous? | System Security | |||
| Re: Ubuntu security vulnerabilities | Vista General | |||
| Vulnerabilities of Microsoft Vista | Vista security | |||
| Dangerous Waters | Vista Games | |||
| OS X security vulnerabilities on the rise | Vista General | |||
