<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d5720968\x26blogName\x3dneurological+dryer+lint\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dSILVER\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttp://justinhall.blogspot.com/search\x26blogLocale\x3den_US\x26v\x3d2\x26homepageUrl\x3dhttp://justinhall.blogspot.com/\x26vt\x3d282607643956112208', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script>

neurological dryer lint

dirty deeds... and the dunderchief

 

rudeboy, set down your gun

thanks to the diligent coders in microsoft's windows group, i have another fairly difficult week ahead. you come to dread the first tuesday of every month, working in IT security, because that's microsoft's monthly bulletin day, when they present to the world the latest batch of exploitable holes in their widely deployed products. some months you're blessed with nothing but a few denial-of-service vulnerabilities in rarely used applications... and then some months you get the motherload.

there have been a handful of major windows vulnerabilities that virus/worm authors have exploited heavily since the scene grew out of obscurity. ms03-026... the patriarch, the first-born, used by classics like blaster...

ms04-011, the heavy-hitter, the grizzled sergeant, favorite weapon of sasser, mydoom, mytob...

and now ms05-039, the Plug-n-Play vulnerability. released by microsoft on tuesday. exploits were in the wild on thursday. the first worm was out on saturday. so i get to spend the next month watching a hundred wannabe hackers take dozens of worms and create thousands of variants. walking into work every day, praying that our defenses were solid enough, our heavily defended perimeter held, and the small, weak children crying inside the walls of our network were safe. so far we've made it past day one.

i guess it's job security, right? if people at microsoft didn't release software with dozens of easily-obtained-and-modified remote exploits that grant anyone full administrator access to a system... i wouldn't be employed :)

hail to the windows development team! here's a poem by yeats that makes me think of you.

I sing what was lost and dread what was won,
I walk in a battle fought over again,
My king a lost king, and lost soldiers my men;
Feet to the Rising and Setting may run,
They always beat on the same small stone.
- "What Was Lost"
listening to: afi - weathered tome

 

for this post

Leave a Reply