Thread replies: 42
Thread images: 5
Thread images: 5
Anonymous
Unfixable vulnerability found on all windows versions 2017-06-05 04:26:25 Post No. 60758479
[Report] Image search: [Google]
Unfixable vulnerability found on all windows versions 2017-06-05 04:26:25 Post No. 60758479
[Report] Image search: [Google]
File: 1480903704371.jpg (433KB, 1111x597px) Image search:
[Google]
433KB, 1111x597px
Unfixable vulnerability found on all windows versions
Anonymous
2017-06-05 04:26:25
Post No. 60758479
[Report]
http://www.theregister.co.uk/2016/10/28/windows_atom_tables_popped_by_security_researchers/
http://archive.is/eNIvf
How long before Windows no longer exists?
>>
>>60758479
as long as people are retarded enough to use it it will exist
better contain them on windows then flood every ganoolix forum with nu-male tier trouble shooting
>>
>>60758479
>it relies on tricking a user into running a malicious executable
oh look, its fucking nothing
>>
Windows defense forces in 3....2.....
>>
>28 Oct 2016
https://rcpmag.com/articles/2003/08/11/blaster-worm-exploits-rpc-dcom-vulnerability.aspx
RPC DCOM vulnerability found on all windows versions
wincucks on suicide watch
>>
>>60758510
Shame. I had hope that I would be adding a remote 'master key' to metasploit.
>>
If an attacker can get you to run their executable then it's already game over for you, what does this change when it still requires you to run the executable in the first place?
>inb4 UAC bypass or some shit
Bypassing UAC is already incredibly trivial, I wrote a program to do it just the other day. Just what real security implications does this have exactly? The article says a lot of scary words but I'm not seeing anything of much substance.
>>
Have you no shame open sores? Attacking us Windows fans when we are most vulnerable
>>
>inb4 shitnux
>inb4 hackintrash
>inb4 muh bsd n other unix distros
>>
File: 1489934174949.png (116KB, 500x464px) Image search:
[Google]
116KB, 500x464px
>>60758592
>>
>>60758510
Phew, good thing Win has a central software repository and users don't just install software willy-nilly off the internet.
Or, you know, run shit sent via e-mail.
>>
File: 1496126872201.jpg (45KB, 480x480px) Image search:
[Google]
45KB, 480x480px
>>60758479
>implying the same shit doesn't exist for other OS's
>implying anyone cares about them due to zero market share
>implying this is the end of anything
>>
File: 1493938187394.jpg (75KB, 705x1024px) Image search:
[Google]
75KB, 705x1024px
>>60758479
Wow, it's literally nothing.
>>
>>60758479
>Unfixable vulnerability
i dont use windows but really, unfixable?
>>
>>60758616
That would be true for hundreds of vulnerabilities then, if it relies on you running an exe, they've already got you.
This specific vulnerability wouldn't matter in that case. It could be this one, or it could be any of a hundred others. The end result is the same.
>>
>>60758606
FUCK I REMEMBER THAT GAME
>>
>>60758648
It relies on an intrinsic weakness built into the framework of windows, but isn't as bad as the article makes it to be.
>>
File: junkbot.gif (17KB, 288x272px) Image search:
[Google]
17KB, 288x272px
>>60758672
ayy
>>
>>60758479
>>A successful attack could, however, accomplish quite a lot of evil, the most obvious being snooping on the contents of memory to grab keystrokes or passwords.
>run keylogger.exe
>keystrokes and passwords are getting snooped on
?????
>>
I hate the Microsoft botnet as much as any neckbeard, but this is dumber than the hyped-up LAN-based shit coming from WikiLeaks.
By the time this "vulnerability" becomes a threat, it's already game over.
>>
>>60758616
that would be the same on linux with any kind of binary files downloaded from the internet outside the package manager.
>>
>>60758683
yeah whenever the term unfixable is thrown around refering to software its blatant clickbait. Eitherway, the question is why does anyone use windows? Its a security nightmare since the early days. You had the fact user passwords didnt work on win95-98 (or rather they were plaintext, the entiety of xp, vista and 7 were alright with security, 8 looks progressive and then 10 has shit like this). Ive never heard of atomtables though, i understand what it is now but is it only windows that uses it?
>>
>>60758479
Stop shilling your shitty "exploit". It's not even an exploit. It's just an alternative way of passing data to shellcode.
>>
>>60758764
>and then 10 has shit like this
The feature being described in the article has been around since the first versions of Windows. It's why such an antiquated exploitable thing is even in the OS in the first place.
>>
>>60758616
It does, the Microsoft™ Windows Store™.
Pro-tip: Microsoft is going to quietly release an "unfixable exploit" for Windows that serves as an excuse to push Windows 10S.
The S stands for slave.
>>
>>60758764
>>ermagerd 10 is so bad it has shit like this!!!
>shit existed since Windows was a thing
Get that cock out of your ass and stop being a fucking retard. Besides the stupid shit like telemetry and bundled shitware 10 is better than all the other pieces of shit.
>>
>>60758818
my point was that such old things still work on 10 which boasts security as one of its selling points.
>>
>>60758479
>windows
>atom
>tablets
and not a single fug was given that day.
>>
>>60759053
Atom TABLES not tablets.
This is an issue for ALL versions of windows, the problem is it isn't exploitable until you execute a malicious exe, so just like everything else out there, dont fucking download and run unknown exes.
>>
>>60758997
MS has one of the biggest hardons for backwards compatibility in the business, it's what keeps a lot of Windows back.
>>
>>60759087
Well shit, taking it back then. The reasons go full GNU are growing every day.
>>
>>60759186
Not really, there are literally hundreds of things out there that would fuck your computer up if you ran a malicious exe. This particular vulnerability is no more exploitable than several hundred others that aren't an issue.
>>
i don't get it
if you run a virus why would it bother "exploiting" this when it already has full access to your system just by virtue of the fact that you ran it?
>>
>>60759416
Because this would allow them to make OTHER programs run OTHER malicious code.
Still if you're already running a malicious EXE, you've already lost so it's mostly irrelevant.
>>
>>60758733
Literally never happens
>>
>>60758842
Does that mean I get 10 slaves?
>>
>>60759458
Its been demonstrated live before if you care to go look up hacker convention talks from the last decade.
But hey, if it LITERALLY never happens, i guess feel free to download and install every binary you find.
>>
>>60759451
malware can already do this very easily by directly injecting into the process if it's running as an administrator (which it will be), it doesn't need to jump through these hoops just to inject 255 bytes of code. anti-malware may not detect this method as well, but then it's just a matter of updating the anti-malware.
>>
>>60759510
I thought they were trying to suggest literally no one ever downloads software through anything but the package manager, which is even more stupid.
>>
>>60758501
"enough to use it"
Please give me a Linux distro that can run my Adobe software natively, and I'll work to switch to that.
>>
>>60758479
>How long before Windows no longer exists?
Holy shit why you are so butthurt about Windows and MS?
Even if they would suddenly vanish for whatever reason, your precious Linux WONT became home everyday device for everyone, devs wont magically optimize their software for several different distros, video games wont migrate for same reason, etc, etc.
The only winner would be Apple. Your Linux distros would still remain as OS for server/specialistic uses and not some widespread home/enterprise use OS.
Why so butthurt?
>>
>>60759859
B-b-but Linux desktop of the year!
Thread posts: 42
Thread images: 5
Thread images: 5