I figured that most IT administrators and managers would do the same, because this was obviously just asking for trouble (I didn't know what trouble it would cause, but I knew it was asking for it). Well, I didn't ban them directly, I talked our CEO into it. My response at the time was to ban the use of IE, Outlook, and any other application that I could think of or that I found out about that was using this component to view untrusted documents. They did this not because it's a good idea for every application to have internet access and rich scripting with only a token sandbox about the potentially untrusted data they're displaying, but because they wanted to keep the DoJ from forcing them to compete with other companies that were producing web browsers.
Which is all well and good, but it's not just a rich-text rendering engine, it's pretty much all of Internet Explorer but the window decorations and preferences utility. Obviously, you're going to try to cover in advance for security things, but who could predict in attack in such a convoluted fashion?Ī skin invokes the browser because Microsoft's got this tasty-looking rich-text, GUI, and graphics layout and rendering engine that they decided about seven years ago needed to be a core part of the OS.
I really can't imagine that anyone could be thinking, when they write a program like this, "oh, what if someone tries to take advantage of such and such known security flaw in this way through our program, even though they don't have jack and shit to do with each other?". or at least a whole hell of a lot more creative. (3) what kinda genius would figure out that you could embed an xml file, with instructions to run a specific executeable file, within a zipped skin file, and then manage to trigger a security hole in a web-browser module that really shouldn't have a damn thing to do involved with the program that you're sending this virus through? The people who are BREAKING the security I figure have got to be infinitely more intelligent than the people who are CREATING the security. Of course, the WinAmp people probably should come up with a better, more secure transport method for getting their skins around, but it's not really their fault that IE is a pile of crap security wise. (2) Absolutely right, having a component of the system that is active to ALL programs, wether it wants it or not, is inviting the most bizarre of security holes. (1) I've not used WinAmp in many years, but when secunia says the advised course of action is "use another product", i'm guessing that that probably means this feature can not be disabled, or at least not easily? or if it can be, then it's disabling can also be circumvented?
Just to comment on all the first 11 posts I see here:
0 kommentar(er)
