[Foss-cafe] The amount of damage is too great for words

Steven Hatfield steven at knightswood.net
Mon Sep 27 23:24:07 CDT 2004


I am usually a quiet lurker on these boards, but today I feel a  
little... vocal.  Yeah.. vocal and ROYALLY PISSED OFF!

<rant mode=FULLBLAST>
I have watched Microsoft's entry into the Internet, starting back  
around 1995, come to its final and inevitable conclusion.  I knew then
that they were going to completely botch the whole thing, and to date  
they have done nothing but prove me to be correct beyond the shadow of  
a doubt.

Unless you haven't been reading the web recently, there has been a  
newly discovered bug in Internet Explorer -- one that is turning out to  
be the worst EVER.

The bug in a nutshell:  JPEG buffer overflow exploit allows remote  
execution of arbitrary code:
http://asia.cnet.com/news/security/0,39037064,39193726,00.htm

Now it is as easy as posting a message to usenet to infect and control  
someone else's machine:
http://www.easynews.com/virus.txt

While Microsoft's tech specs say that this only affects WinXP systems  
or computers with Office XP/2003, if you look carefully at this URL...

http://www.microsoft.com/downloads/details.aspx?FamilyId=6A63AB9C-DF12-4D41-933C-BE590FEAA05A&displaylang=en

...you will notice that GDI+ affects everything from Win98 to Win2003.   
This means that anyone who has installed any application that provides  
GDI+ as a component (such as IE6SP1, Office XP or Office 2003) is 100%  
vulnerable to this exploit.  Furthermore, Microsoft is only releasing  
patches for Windows XP and Office XP and higher.  You will also notice  
at this page:
http://www.microsoft.com/downloads/details.aspx?FamilyID=1e1550cb-5e5d-48f5-b02b-20b602228de6&DisplayLang=en
that IE6SP1 (which is the latest version of IE from Microsoft and is  
vulnerable to this exploit) is available for Win98, with no update  
available to fix this bug.

This is absolutely a huge problem, in that most people won't know to  
upgrade their office or web browser products, thinking that this is a  
WinXP issue or completely not hearing about this at all!  What will  
happen is that people the world over, who have no idea about upgrades,  
will be the unwitting participants in the world's largest zombie network
of PCs EVER.  You can expect MILLIONS of zombie machines being used to  
send spam, DDoS important networks, for spreading child pornography,  
etc.  Right now there are people with tens of thousands of these  
machines -- it's been relatively easy to get a zombie network  
established.  But this is going to be HUGE in comparison.  Think  
handwritten books compared to after the printing press was invented.   
People with Outlook as their email client are royally screwed -- all  
they have to do is have message preview enabled and receive an infected  
email.  That's it -- they have to do nothing else.  They simply need to  
get the wrong pop-up, or visit the wrong site, or read the wrong  
newsgroup post.  You get the picture.  It's zombie networks for dummies  
time, and the world is their playground.
</rant mode=OFF>

Cue Optimism:

BUT there is an upside!  This is a GOLDEN opportunity for anyone in the  
alternate OS business to step forward and do some marketing.  "Come to  
us! We won't leave you hanging in the wind!".  Oh, this could be GOOOD!  
Now if only someone at Red Hat, Novell or other distributions will
only step up and start working some marketing mojo!

-Steven




