Silicon Shecky

Infosec Practitioner


Random Thoughts On Security

November 13, 2009 By Michael Kavka

Who thinks it's funny that the day after Patch Tuesday, Windows 7 and Server 2008 R2 get hit with a zero day exploit that causes them to crash? It's one of those things where the timing seems suspect. Obviously they knew about the exploit beforehand, and had to confirm it before they would allow the world to know about it.

Well, if you think about it, by waiting till Wednesday, Microsoft basically bought itself a full month to get the patch out there. It's a stall tactic. Now considering the flaw does not allow access to data, allow rooting of the OS, or anything worse than a crash, it isn’t as bad as it could be.

The whole thing that people don’t understand about an exploit like this, and, say, malware that gets on your system, is where the real hole is. The ultimate hole in any OS is the end user. They don’t want to hear that going to their favorite adult site is what is causing them to get infected with malicious software. They patch their system, they only go to sites they trust.

Now I do agree that holes in the OS such as the recently patched kernel flaw can cause a ton of problems. Still, once that gets patched, you have less of a chance of a drive-by infection. When your users go to unsavory sites, sites that do a ton of redirecting, or just sites that really are not maintained, they cause a much bigger problem.

Then there is the problem of pirated software. The funny thing about pirated software is it usually isn’t the software itself that has the malware in it, it's the crack that does. Whether it is a key generator or a small file you change out, that little piece of code is what opens you up. Mind you, I’m not saying that file sharing is bad. I’m not bashing BitTorrent at all. In fact BitTorrent is very useful for getting legitimate Open Source software, such as Linux ISOs.

I’m also well aware of how expensive software is. The amount of profit Microsoft makes off of Office is insane, and it wouldn’t be pirated nearly as much if the price came down to a more manageable level. The thing is that there is reputable legal free software that can do most of what the expensive software does, without cracks or malicious software hiding inside of a crack. OpenOffice, GIMP, Linux, VLC, Audacity, and many more Open Source projects are really coming into their own.

The bottom line is no matter what we do, unless we are willing to take the time to properly educate our end users, I don’t care how much you harden your system, something will happen to it. Best to be prepared, and have a slew of tools ready. Oh, and some of the best of those tools are Open Source and free.

Filed Under: Computers, Rants, Security, Software

Another Zero Day Exploit with SMB

November 12, 2009 By Michael Kavka

A new zero day bug could crash Windows 7 and Server 2008 R2. Both are new technologies, both have been officially released for less than a month, and to top it off, it's related to the SMB protocol. It seems that we have been down this road before.

A couple of months ago Microsoft finally patched a different major problem with the SMB protocol. Just like that one, the recommendation is to turn off SMB, and close the ports for it. Now this is getting a bit ridiculous that something used for file sharing, that is a common protocol, and that has had major problems in Microsoft OSes before, keeps having new issues.

The real question though is how long till there is a fix for it? The previous hole in SMB took a long time for them to fix. Now add on that Small Business, while they might not be using Server 2008 R2, could be starting to use Windows 7. How will this affect the adoption of Win 7 in the enterprise? Will it slow it down? Also does this hole affect Vista, XP, SBS 2008, SBS 2003, Server 2003, Server 2008 (non-R2)?

Hopefully, we will get answers.

Filed Under: Computers, Security, Software

Patch Tuesday, not just for Windows…

November 10, 2009 By Michael Kavka

Today is the monthly Patch Tuesday for Windows users. We know to expect it once a month. This month though, it's important for Mac users also.

Apple has released 58 critical security patches for OS X. It goes to show that even Mac is a vulnerable operating system. Any operating system can be hacked or have holes in it, no matter what the commercials say. Truth be told, the no-virus or minimal-virus thing is mostly because people do not see a big advantage in writing malware for OS X because of the small market share.

This sort of point can be proven with Firefox. As Firefox has gotten more popular, with a larger market share, the number of exploits for vulnerabilities has grown. That is not to say that Firefox is a bad thing; it does get patches quite regularly, and has some great add-ons to help mitigate potential issues. The point is that updates are very important and there is no such thing as a totally secure program.

I liken the security and how vulnerable it can be to a scene in an old episode of Doctor Who. Standing in front of a locked door, The Doctor’s companion asks if he is going to use his high tech sonic screwdriver to try and open the door. The Doctor replies with a resounding no, and pulls out a hair pin. He then states that the more complex and advanced something gets, the more vulnerable it is to the simplest thing. This is even more true in the world of computers.

So it's Patch Tuesday, and no matter what operating system you use, make sure you are patched up.

Filed Under: Computers, Security, Software
