Microsoft News Update 512
Microsoft news of the past few days: Media Player 9 is the subject of a few articles, including one on its integrated digital restrictions and one on changes in its privacy options. Microsoft is releasing certain APIs, and is releasing a service pack for Windows XP, under the requirements of its antitrust settlement with the Federal Gov't. On the downside, code to crash any modern Windows machine with NetBIOS enabled is now floating around the net, and there's been more publicity of the vulnerabilities in Microsoft IIS/SSL.
Also (Score:5, Informative)
MS02-045, patch available? (Score:5, Informative)
Why not add a link to the patch as well, Slashdot? (Score:5, Informative)
But I assume it's 'better' to let people suffer instead of helping them out, is it? You don't have to post links to security bulletins, but if you post a link to a DoS tool, why not supply the link to the patch as well, to let the reader decide if he/she wants to be vulnerable or not.
(good system administrators have already disabled TCP/IP over Netbios (disable Tcp/IP over NetBios helper service) of course and stopped the server service as well, on online systems, among other netbios related crap which is not needed on the internet (NetBios package: "whohoo a router, what's that!"))
11 components of XP automatically download (Score:4, Informative)
Re:Oh that's very responsible of you, SlashDot (Score:3, Informative)
About that NetBIOS over IP exploit (Score:5, Informative)
Before too many more messages;
1. SMBDie = RedButton = Wow, incredibly talented programmer. This sure was a tool we needed.
2. If RestrictAnonymous is set, non-authenticated users can't use it, any authenticated user can.
3. If you're in an environment where any old computer connected to your network can use TCP139/TCP445, set up a sniffer (Network Monitor works) and watch for the source of the traffic. Then beat that person over the head with their PC. Do that either before or after you patch your systems with MS02-045. If more testing of the patch is required, beat them a little every day until your testing is complete.
4. If you're in an environment where you have TCP139/TCP445 open to the Internet, you don't need NTBugtraq, you need Dr. Phil. Buy a $50 Linksys router and put it in front of your machine and use it to block all but those few you really want open (which doesn't include those two).
5. Randy Hinders suggests that disabling NetBIOS over TCPIP works, I'm not yet 100% convinced. Either way, it should be easier to apply the patch than disabling NetBIOS over TCPIP.
The MS Security Bulletin honestly did do a great job of explaining all of this, more people should read it more carefully.
Cheers,
Russ - NTBugtraq Editor
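The triage in point 3 of the comment above (finding which machines open connections to TCP 139/445), as an added example that is not part of the original comment. It tallies connection attempts per source from a constructed log in a made-up key=value format and marks sources outside an assumed internal range of 10.0.0.0/8; the function names are hypothetical.

```python
import ipaddress
import re
from collections import defaultdict

# Ports named in the comment: NetBIOS session service and direct-hosted SMB.
WATCHED_PORTS = {139, 445}

# Constructed sample lines in a made-up key=value format (not a real tool's output).
SAMPLE_LOG = """\
t=1 src=10.1.4.23 dst=10.1.1.5 proto=tcp dport=445 flags=S
t=2 src=10.1.4.23 dst=10.1.1.6 proto=tcp dport=139 flags=S
t=3 src=203.0.113.77 dst=10.1.1.5 proto=tcp dport=445 flags=S
t=4 src=10.1.9.2 dst=10.1.1.5 proto=tcp dport=80 flags=S
t=5 src=10.1.4.23 dst=10.1.1.7 proto=tcp dport=445 flags=S
t=6 src=10.1.9.2 dst=10.1.1.5 proto=udp dport=445 flags=-
t=7 src=10.1.4.23 dst=10.1.1.5 proto=tcp dport=445 flags=A
garbage line that should be skipped
"""

FIELD = re.compile(r"(\w+)=(\S+)")

def smb_sources(log_text, internal_nets=("10.0.0.0/8",)):
    """Tally new TCP connections to 139/445 per source address."""
    nets = [ipaddress.ip_network(n) for n in internal_nets]  # assumed internal range
    seen = defaultdict(lambda: {"syns": 0, "targets": set(), "external": False})
    for line in log_text.splitlines():
        rec = dict(FIELD.findall(line))
        try:
            if rec["proto"] != "tcp" or int(rec["dport"]) not in WATCHED_PORTS:
                continue
            if rec["flags"] != "S":   # count connection attempts (bare SYN) only
                continue
            src = ipaddress.ip_address(rec["src"])
        except (KeyError, ValueError):
            continue                  # malformed or incomplete record
        entry = seen[str(src)]
        entry["syns"] += 1
        entry["targets"].add(rec["dst"])
        entry["external"] = not any(src in n for n in nets)
    return dict(seen)

def report(sources):
    """Order sources: external first, then by number of distinct targets."""
    return sorted(sources, key=lambda s: (not sources[s]["external"],
                                          -len(sources[s]["targets"])))

if __name__ == "__main__":
    found = smb_sources(SAMPLE_LOG)
    for src in report(found):
        print(src, found[src])
```

A source marked external corresponds to the situation in point 4, where 139/445 are reachable from outside and should be blocked at the perimeter.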
Re:Roblimo I Am Calling You Out (Score:5, Informative)
Re:I hate Windows Media Player... (Score:2, Informative)
Re:Uhhh.... (Score:3, Informative)
Hide and remove are different concepts. Just because the IE icon is not on the desktop does not mean that my program can't pull in the IE HTML render object, because the code will still be there on the box.
Re:MS02-045, patch available? (Score:4, Informative)
Re:No, that's wrong. (Score:3, Informative)
Re:Oh that's very responsible of you, SlashDot (Score:2, Informative)
Installed, but not enabled.
Oh, it is indeed installed and enabled. NetBios is the protocol used for Windows machines to acquire each other's IP addresses and names without using DNS.
Re:My MS Activation Story: True Story. (Score:3, Informative)
Re:Oh that's very responsible of you, SlashDot (Score:4, Informative)
Re:Crash Windows (Score:2, Informative)
START DEVILSADVOCATE
At home I use Windows XP Pro and to date I've only had one crash that caused me to have to reboot the machine.
At work (I'm also a developer) we use Windows 2000 Pro, and reboots due to bad code (on my end) have been few and far between.
END DEVILSADVOCATE
Yes, there are bugs out there that haven't been fixed, but on the whole I think the latest releases of Windows (2000, XP Pro) are very stable. Granted the older releases (9X, ME) are complete Sheit and I cringe every time I get a 'bug' reported in our software and it turns out to be they're running 9X/ME. In those cases I usually want to personally go and shoot Bill Gates in the head.
Agreed, you have some very good points, and I do agree Microsoft could be more timely with their bug fixes/fix the longstanding existing bugs, but overall I think they're finally doing a good job with their Windows products (2000/XP Pro). I think most of the Slashdot community who haven't tried XP Pro and have given up on Windows in the past might change their minds just a little if they only tried it.
NetBIOS, not NetBEUI (Score:3, Informative)
NetBIOS is a programming interface implemented as a bunch of packet types which can be sent out either over NetBEUI or over IP (sitting mostly on top of TCP, though I think some packets are sent out with UDP). IP is extremely routable.
Re:Netbios... (Score:3, Informative)
Jeremy Allison,
Samba Team.
You want BSOD, (Score:2, Informative)
The CSRSS Backspace Bug is a bug in the Win32 subsystem server process (csrss.exe) in Windows NT. It is particularly notable for several reasons:
Re:Oh that's very responsible of you, SlashDot (Score:1, Informative)