Recent Bugs (and Fixes)


Last week was pretty exciting, wasn't it? First, there was that Win95/98 CIH scare on Sunday 26 July, although that didn't affect NT users.

Not that I was privvy to it before Tuesday, but on Monday, MS posted a fix for a "privilege elevation attack" bug (the fix is called "priv-fix"). This "attack" is really program that takes advantage of a loophole in NT's security that allows any User to change their access priveleges. Oops!

I logged on Tuesday to find out more about the "Privelege Elevation" bug from ZDNet, but in that article came across Yet Another Bug which I found much more hideous: that Microsoft/Netscape "e-mail problem" (which Microsoft is now calling the "Long Filename Security Issue").

(Here's the first ZDNet report on just that e-mail bug posted on Monday 27 July; and here's a better report from Wired News the following day.)

ZDNet had a brief description of the problem, along the lines of if you attempt to "download, open, or launch a file attachment that has a name greater than 200 characters in length, the action might cause the email software to crash". At that point, code embedded within the name of the attachment, the size of which has no defined limit, could be run in memory after your e-mail program has crashed.

On Wednesday, Microsoft posted a patch for Outlook Express and 98, but at the same time warned that the patch was a cure only for the problem "as reported" originally, and not a cure-all since more ramnifications of this bug were discovered since the original report.

The Long Filename Security Bug

Further information for the Outlook and Outlook Express e-mail bug was posted in this Microsoft security bulletin, which in turn named NTBugTraq as a source.

I'd like to break here to remind you that the MS Security Advisor site, the source for the bulletin referenced above, should really be in your bookmarks. Here, you can select to read bug "bulletins" by product or date, and you don't have to hunt around the various news sites for a link to a patch, or in Microsoft's FTP directories for the actual patch itself.

Furthermore, these bulletins generally contain links to the original source of (and other resources for) the bug.

At NTBugTraq, I found the editorial What's in a NAME? which was written in large part for this very e-mail bug. It's a must read for all computer users, as it suggests that a lot of the slop we install on our computers may have similar security loopholes that could allow -- easily -- for overflow conditions.

The copyright of the article Recent Bugs (and Fixes) in Windows NT Workstation is owned by Tracey Kirkpatrick-Pritchett. Permission to republish Recent Bugs (and Fixes) in print or online must be granted by the author in writing.

Go To Page: 1 2

Articles in this Topic    Discussions in this Topic