Welcome to WebmasterWorld Guest from 22.214.171.124
Forum Moderators: incrediBILL
The vulnerability is caused due to an error in the processing of the "createTextRange()" method call applied on a radio button control. This can be exploited by e.g. a malicious web site to corrupt memory in a way, which allows the program flow to be redirected to the heap.
Successful exploitation allows execution of arbitrary code.
Internet Explorer Beta 2 Preview is also affected.
Yet again the solution suggested "Disable Active Scripting support".
I'm not an expert but my impression is this is a perpetual symptom of IE and Windows binding. I can't see that intergrated 'features' are ever going to be more secure than objects that are designed to be distinct.. which I take to be the approach of others.
Or am I confused?
On any half-decent, tidyish code such things should be a complete impossibility. What sort of ghastly mess does Microsoft actually produce?
When Windows 95 was released, they made a big deal of it being object orientated. Of course, this was 95% untrue with only some new stuff being implemented using so-called interfaces which don't support object inheritance. However, if MS used objects properly in applications such as IE to ensure that all memory allocations were handled properly, none of these problems would exist at all.
It's abolutely amazing that MS can get away with writing this rubbish. The best thing they can do is ditch all their own development tools and use Borland stuff instead. They might then produce some proper code.
Seriously though, I don't really see their development tools as being the cause of their problems, I am by no means an expert, but I'm just guessing that a lot of MS stuff is bloated, and I think a piece of software can only get so complex before problems arise. I agree with the post before, it would be great if MS took a step back and created a new OS from scratch, using everything they've learnt, it might actually be something we could be confident about! They need a clean slate to work on, then I think 'flaws' in security would be reduced dramatically.
we've got an entire Microsoft developing environment here and we make perfect code!
It's offtopic but...
I firmly believe that much of the problem lies in the ugly nature of the C language. Pascal is a clean language (just not really a complete one). An ugly language leads to ugly code, and a clean language leads to, well, less ugly code anyway.
Personally, I don't have a problem with IE. Every piece of software is going to have bugs, but MS should stop touting their superiority of their software and its security when they constantly release buggy work. I'm sure if as many people used FF, there would be issues (on the same level as IE) found with it too, I just don't want to hear "Our software is great!" and then a week later someone finds that if you click the reload button your OS gets wiped out.
But when that same fancied-up browser gets used by the general public for traveling in the wildest jungles of the public web, then all that complexity inevitably exposes loopholes.
Ultimately, a robust testing / quality verification process is what ensures a stable and viable product.
I think the complexity of IE can only be tested by the general public -- it takes that big a "team". And we're doing it, aren't we?
[edited by: tedster at 7:19 am (utc) on Mar. 24, 2006]
Dr. Knuth emphasises that "there never has been, nor will there ever be, any language in which it is the least bit difficult to write bad code."
C is, admittedly, a language for people who actually enjoy assembly language: for such, there is nothing comparable. (And, of course, anything that can be written badly in assembler can be written equally badly but much faster in C.)
Pascal is great for single-page-sized problems, but it forces larger programs into a straitjacket that simply doesn't fit any kind of sophisticated software development techniques. (Dr. Wirth knew that perfectly well, which is why HIS own programming was in a different language also of his own design.)
Windows is just an inherently insecure operating system, and hence anything running on it will also be insecure. They would have to start from scratch to build a operating that is totaly secure.
This is a fairly accurate statement. It's almost impossible to run windows in a standard secure user mode, I tried it with clients and we had to give up. Why? Because MS outlook would not run correctly for us in user or power user mode. Among several other show stoppers. In other words, ms applications would not let us run in secure mode.
IIS, MSIE, Outlook, Outlook Express, have been insecure by design since they were released. Every time this issue comes up, someone always has to repeat the ms spin and fud about market share being the cause. I'm sure this makes the MS pr people happy, since they can show ms that they are getting some return on their pr investments.
The cause is active x linking directly into the operating system. Firefox, Opera, Konqueror etc, do not have this direct link. And they are, while not perfect, radically safer than IE out of the box.
Don't be fooled by the hype, spyware uses active x almost exclusively to install itself. Currently, despite the recent os x proof of concept exploits, which, it should be noted, were never found in the wilds, there has been no os x virus.
I don't run antivirus on my linux desktop, although I do follow good security practices that I learned from years of using windows.
Both os x and linux systems, except for a few badly designed consumer products like linspire, are secure out of the box. I ran nmap against my out of the box installation of debian and it reported only 3 closed ports. With a good firewall everything is shut down except for only the specific applications that have permission to talk to the web. XP allows all outbound traffic on their joke of a built in firewall.
MS cannot create a secure os because that would compromise the 'user friendliness' they sell their systems with.
Microsoft could quite easily have made their systems actually be reasonably secure, but they chose not to. They can't rock the corporate market boat too much, they can't mess with badly written applications that must run insecurely, it's inertia, they built their bed, and now they have to lie in it. That's the price you pay for the near insane desire to create a monopoly desktop os. Luckily they failed on the server front.
As a side note: no friend who I have converted to firefox and thunderbird in windows xp has had any significant spyware or virus problem. The only times problems have arisen is when visitors come, and without asking, use hotmail on msie, and of course instantly install the latest virus on the box. If you do not allow any ms product to interact with the internet you can actually use xp or 2000 fairly safely, without much problem, for years. But you can't let anyone use that deadly blue e to connect to the web.
MS will never create a secure msie because it is the corporate market that most uses the active x garbage, normal sites are dumping it left and right as they realize that they lose the best educated part of the computer market by creating an msie only site.
Despite the learning curve of switching to a more powerful system like linux, I find that I don't miss a single thing about windows, zero. It's a con as far as I'm concerned.
MS actually thought they could replace unix by simply releasing a bad nt4 system, then a buggy nt5, and a finally somewhat ok nt 5.2, aka 2003. It's been a joy to watch them fail to get major market share on the web, especially since I've suffered with IIS and that junk, it deserved to flounder, it's corporate junk.
However, the only way anyone can pretend that ms releases secure products, or has any idea about security, would be for them to successfully ignore ALL of the last 10 years of history, upto this last issue. Then you can happily believe the marketing hype ms releases. Personally, since I've watched it for years, I believe what I see. Facts that is. OS X, which I personally hate, has had zero viruses. it's much more secure, by design. All unix systems are also more secure, by design. That's life. It's the reason ms has not been able to fix the issues, windows is insecure by design, though server 2003 was the first sort of ok release they've had. But why let someone with this bad a track record say a word about security? Weird.
Pascal is great for single-page-sized problems, but it forces larger programs into a straitjacket that simply doesn't fit any kind of sophisticated software development techniques.
The basic architecture of Borland Pascal is very good indeed and it produces code every bit as tight as C (if you know how). There are only two problems
1) Too many people use C so it's often necessary to translate example code rather than cut and paste it.
2) There are still things missing - but nothing that could not be added quite easily.
Incidentally, straitjackets aren't a bad thing when you have teams of programmers working on a single project. Provided that a given problem can be solved (simply and efficiently) it's best to use the same solution every single time. The flexibility of C means that different programmers often write very different code and can find each others' code difficult to understand and modify and that can lead to big problems.