Thursday, January 21, 2010

Microsoft confirms an ancient Windows bug

20 January Microsoft released its second advisory of last week in which its confirms an ancient flow in all 32-bit versions of Windows, that was firstly revealed by a Google engineer on Tuesday.

The company warned users that a bug in a kernel, which counted more than 17 years could be used by hackers to crack PCs.

The vulnerability in the Windows Virtual DOS Machine (VDM) subsystem. The VDM subsystem was added to Windows with the July 1993 release of Windows NT, Microsoft's first fully 32-bit operating system. VDM allows Windows NT and later to run DOS and 16-bit Windows software.

The advisory spelled out the affected software on all 32-bit editions of Windows, including Windows 7, and told users how to disable VDM as a workaround. Windows' 64-bit versions are not vulnerable to attack.

"An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode," said the newest advisory. "An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."

Jerry Bryant, a program manager with the Microsoft Security Response Center (MSRC), said that the company had not seen any actual attacks using the vulnerability, and also downplayed the threat if hackers do exploit the flaw. "To exploit this vulnerability, an attacker must already have valid logon credentials and be able to log on to a system locally, meaning they must already have an account on the system," Bryant said in an e-mail.

Bookmark and Share

Monday, January 11, 2010

Weekly Wrap-up: Although, Microsoft's Courier tablet didn't show up at CES, some others did.

Despite numerous rumors about presentation of new multimedia tablet from Microsoft and HP, which concept Microsoft unveiled last September, the device didn't appeared at this year's International Consumer Electronic Show. Instead, Microsoft showed off three tablet computers running the touch-enabled Windows 7. The tablets were built by Asus spinoff Pegatron, media player maker Archos and HP itself. According to CEO of Microsoft Steve Balmer those three devices are almost as portable as a phone, but running Windows 7.

HP in turn said its slate computer will ship this year, part of a growing group of its new touch-enabled computers. HP also agreed to install Bing as the default search engine, and MSN the default home page, on HP computers in 42 countries.This alliance could help Bing to win more new users.

While Bing has already added 11 million new users since its launch last June, Microsoft's another hit on its way to set records. Mr. Balmer talked up Windows 7 during his speech at CES and contended that it's been a boon to the PC market. Retailers sold 63% more PCs this Black Friday compared to 2008. Windows PC sales in North America were 50% higher year-over-year, according to NPD Group. Ballmer credited at least part of the improved sales totals to the 800,000 new apps and 240,000 new peripherals created for Windows 7.

CEO of Microsoft don't forget to pay attention to one of Microsoft's touchiest subjects, its long-laming Windows Mobile OS. He promised that Microsoft would preview Windows Mobile 7 at the upcoming Mobile World Congress in February. Previously reported an actual launch next month, based on seems unlikely.

Bookmark and Share