Author Topic: Windows plagued by 17-year-old privilege escalation bug  (Read 8974 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33624
  • malware fighter
Re: Windows plagued by 17-year-old privilege escalation bug
« Reply #15 on: January 20, 2010, 10:10:23 PM »
Hi FwF,

My avatar is shown in Firefox or Flock, but I miss it in GoogleChrome, when I put the link into a new tab it gives connection problems for: http://forum.avast.com/index.php?action=dlattach;attach=5730;type=avatar
What is wrong there, should I clear the cache or what?

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Windows plagued by 17-year-old privilege escalation bug
« Reply #16 on: January 20, 2010, 10:13:19 PM »
Hi Polonus,

Works for me in Chrome on Linux.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Hermite15

  • Guest
Re: Windows plagued by 17-year-old privilege escalation bug
« Reply #17 on: January 20, 2010, 10:17:24 PM »
Hi Polonus,

Works for me in Chrome on Linux.

off topic again: just when I was wondering if I was going to reinstall Linux or not...had my worse issue with it two days ago...solved in the meantime, but it shouldn't have happened in the first place...
http://forum.avast.com/index.php?topic=53644.msg455010#msg455010

ps: Chrome works fantastic in Linux

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Windows plagued by 17-year-old privilege escalation bug
« Reply #18 on: January 20, 2010, 11:40:51 PM »
Hi Polonus,

Works for me in Chrome on Linux.

off topic again: just when I was wondering if I was going to reinstall Linux or not...had my worse issue with it two days ago...solved in the meantime, but it shouldn't have happened in the first place...
http://forum.avast.com/index.php?topic=53644.msg455010#msg455010

ps: Chrome works fantastic in Linux

Font rendering isn't as nice as Firefox or Opera.

Fonts render like in Firefox 3.0

Mind you, it took me a while to get used to the way fonts rendered in Firefox 3.5.

 ::)
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Hermite15

  • Guest
Re: Windows plagued by 17-year-old privilege escalation bug
« Reply #19 on: January 20, 2010, 11:48:49 PM »
yeah, I know about the fonts, that's one thing that I hate about Linux, in Firefox and Chrome, the font rendering. A bit better in Opera. Anyway, I've tried everything, switch to Liberation Fonts, even imported fonts from Windows and apply them...just a no go...you get used to it after a while, if you run Linux only  ;D Rebooting from Windows into Linux underlines the difference each time again  ::)
 What I meant is that Chrome is still faster in Linux, well from what I've seen with the Google version of Chromium. Anyway, I know some people manage to get fantastic fonts in browsers in Linux, but I have no idea how, or I forgot. Someone explained how he did it a while ago on Mandriva's forums, and when I tried to reproduce it didn't work. Don't know what it was anymore.

ps: not sure about it but I wonder if in the end the 24 bit limitation isn't an issue...
« Last Edit: January 20, 2010, 11:51:53 PM by Logos »

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33624
  • malware fighter
Re: Windows plagued by 17-year-old privilege escalation bug
« Reply #20 on: January 21, 2010, 01:20:22 PM »
Hi malware fighters,

To go back on topic, it is not an old hole - a 0day 16bit problem also present in Win7...: ( ISC.SANS, 19 Jan. 2010)

In a posting to a public mailing list, Tavis Ormandy disclosed a zero day privilege escalation vulnerability in the Windows kernel. All versions of Windows, starting with Windows NT 3.1 up to including Windows 7, are affected.

The vulnerability affects support for 16 bit applications. In most cases, it is safe to turn off support for 16 bit applications.

Here are the mitigation instructions (copied from the advisory):

Temporarily disabling the MSDOS and WOWEXEC subsystems will prevent the attack from functioning, as without a process with VdmAllowed, it is not possible to access NtVdmControl() (without SeTcbPrivilege, of course).

The policy template "Windows ComponentsApplication CompatibilityPrevent access to 16-bit applications" may be used within the group policy editor to prevent unprivileged users from executing 16-bit applications. I'm informed this is an officially supported machine configuration.

Administrators unfamiliar with group policy may find the videos below instructive. Further information is available from the Windows Server Group Policy Home

http://technet.microsoft.com/en-us/windowsserver/grouppolicy/default.aspx.

pol

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Hermite15

  • Guest
Re: Windows plagued by 17-year-old privilege escalation bug
« Reply #21 on: January 21, 2010, 01:34:40 PM »
Hi Polonus and thanks for the reminder: turned off just now  ;) I saw this setting before but I didn't mind, I do now  ;D