Microsoft to patch 17-year-old bug
February 8, 2010 by Lin Edwards
(PhysOrg.com) -- Microsoft's February security update will include a patch for a bug that dates back to Windows NT 3.1, which was released in July 1993. The vulnerability has been present but undetected in every 32-bit version of Windows since 1993, including Windows XP, Vista, Windows 2000, Server 2003 and 2008, and the newest version: Windows 7.
A security researcher for Google, Tavis Ormandy, found several flaws in the Virtual DOS Machine (VDM) utility that enables more recent releases of Windows to run old DOS and 16-bit software. The bug has the potential to enable an unprivileged 16-bit program to gain system privileged access level to the PC, which would allow attackers to get their own code to run. Ormandy found the bug and reported it to Microsoft over seven months ago and published a workaround, but a patch has not been ready until now.
The 17-year-old bug affects only Windows 32-bit versions and does not affect 64-bit machines, which does not have support for 16-bit applications. Microsoft has released a security advisory, which says the company is not aware of any attacks involving the vulnerability, and most users are at low risk, apparently because local access to the computer is required.
Among the 25 other patches included in this month’s security update are five “critical” vulnerabilities that could allow an attacker to hijack a PC running Windows and force it to run their own programs. The update also fixes bugs in Microsoft Office 2003 and XP, and Office 2004 for Apple Macintosh.
© 2010 PhysOrg.com
-
Microsoft's monthly security fixes spare Windows 7
Nov 10, 2009 |
not rated yet |
0
-
Upgrade to Windows 7? It all depends...
Oct 08, 2009 |
not rated yet |
0
-
Microsoft releases security patch for Web browser
Jul 29, 2009 |
not rated yet |
0
-
No News Is Big News for Sana Security
Apr 23, 2007 |
not rated yet |
0
-
Microsoft: Hardware Trends Create 'Perfect Storm'
May 17, 2007 |
not rated yet |
0
-
Engineers build first sub-10-nm carbon nanotube transistor
Feb 01, 2012 |
4.9 / 5 (31) |
30
-
Something old, something new: Evolution and the structural divergence of duplicate genes
Jan 31, 2012 |
4.6 / 5 (7) |
1
-
The hidden nanoworld of ice crystals: Revealing the dynamic behavior of quasi-liquid layers
Jan 30, 2012 |
5 / 5 (3) |
1
-
Stock market network reveals investor clustering
Jan 27, 2012 |
3.9 / 5 (23) |
8
-
Of microchemistry and molecules: Electronic microfluidic device synthesizes biocompatible probes
Jan 26, 2012 |
5 / 5 (1) |
0
-
Calling function with no input argument
8 hours ago
-
Force free body diagram problem on gym equipment
9 hours ago
-
Empirical data regarding shower heads and water
16 hours ago
-
feed hold button on CNC lathe
Feb 09, 2012
-
RFAC in Fortran
Feb 09, 2012
-
dynamics 2/32
Feb 08, 2012
- More from Physics Forums - General Engineering
More news stories
Google users warned of threat to smartphone wallets
Users of Google smartphone wallets were being warned on Friday that there is a way to crack pass codes intended to thwart thieves from going on illicit shopping sprees.
1 hour ago |
5 / 5 (1) |
0
Anonymous knocks CIA website offline (Update)
The website of the Central Intelligence Agency was inaccessible on Friday after the hacker group Anonymous claimed to have knocked it offline.
2 hours ago |
5 / 5 (4) |
8
New error-correcting codes guarantee the fastest possible rate of data transmission
Error-correcting codes are one of the triumphs of the digital age. They’re a way of encoding information so that it can be transmitted across a communication channel — such as an optical fiber o ...
Technology / Computer Sciences
11 hours ago |
5 / 5 (4) |
5
|
New power source discovered
(PhysOrg.com) -- Researchers at the Massachusetts Institute of Technology (MIT) and RMIT University have made a breakthrough in energy storage and power generation.
Technology / Energy & Green Tech
10 hours ago |
4.8 / 5 (16) |
5
|
Small modular reactor design could be a 'SUPERSTAR'
(PhysOrg.com) -- Though most of today's nuclear reactors are cooled by water, we've long known that there are alternatives; in fact, the world's first nuclear-powered electricity in 1951 came from a reactor ...
Technology / Energy & Green Tech
10 hours ago |
4.2 / 5 (10) |
19
|
Complex wiring of the nervous system may rely on a just a handful of genes and proteins
Researchers at the Salk Institute have discovered a startling feature of early brain development that helps to explain how complex neuron wiring patterns are programmed using just a handful of critical genes. ...
NASA sees wide-eyed cyclone Jasmine
Cyclone Jasmine's eye has opened wider on NASA satellite imagery, as it moves through the Southern Pacific Ocean.
NASA sees Giovanna reach cyclone strength, threaten Madagascar
Tropical Storm 12S built up steam and became a cyclone on February 10, 2012 as NASA's Terra satellite passed overhead. Residents of east-central Madagascar should prepare for this cyclone to make landfall ...
Putting the squeeze on planets outside our solar system
(PhysOrg.com) -- Using high-powered lasers, scientists at Lawrence Livermore National Laboratory and collaborators discovered that molten magnesium silicate undergoes a phase change in the liquid state, abruptly ...
The power of estrogen -- male snakes attract other males
A new study has shown that boosting the estrogen levels of male garter snakes causes them to secrete the same pheromones that females use to attract suitors, and turned the males into just about the sexiest ...
Grass to gas: Researchers' genome map speeds biofuel development
Researchers at the University of Georgia have taken a major step in the ongoing effort to find sources of cleaner, renewable energy by mapping the genomes of two originator cells of Miscanthus x giganteus, a large perenn ...
Feb 08, 2010
Rank: 5 / 5 (1)
I wouldn't really say it's been fixed, just prevented from having network access.
Feb 08, 2010
Rank: 5 / 5 (1)
I would love if they could sell a stripped down version of Windows, where it supports graphics, but gets rid of all those useless services and processes that eat the computer alive. I mean, what does it tell you when a system from 5 years ago runs at the same speed as one from 2010???
Feb 08, 2010
Rank: not rated yet
I was just talking about that earlier today.
Excluding video games and maybe graphics editors and sound editors, a windows 95 system ends up running about the same speed as a modern system with modern OS...because the software keeps getting written worse and worse, with more and more "crap nobody wants" added to it...
Feb 08, 2010
Rank: not rated yet