Forwarded from: Russell Coker <russell@private> On Sat, 14 Feb 2004 01:20, InfoSec News <isn@private> wrote: > Forwarded from: William Knowles <wk@private> > > http://www.washingtonpost.com/wp-dyn/articles/A38314-2004Feb12.html > > By Brian Krebs > Special to The Washington Post > Friday, February 13, 2004 > > Computer security experts said the release of Windows source code > could pose a threat to Internet security, depending on what portion > of the code was leaked. > > A leak of any portion "could dramatically increase the probability > that new zero-day vulnerabilities will be found," said Alan Paller, > director of research at the SANS Institute, a security training > group based in Bethesda. [...] > But even a partial leak "is a potentially very serious problem for > Microsoft," Larholm said. "Just look at the vulnerabilities that are > discovered by people who didn't have access to the source code." > > Howard Schmidt, former head of security at Microsoft, said he was > less concerned about the security implications of the leak than its > potential threat to Microsoft's intellectual property. http://www.linuxworld.com/story/34878.htm Rumor has it that the section of code in question is that which was shipped to several governments for the purposes of checking the security. The above URL is one of many news articles on that topic. It will be very interesting to find out whether this rumor is correct. Has a government broken their license agreement? Or has the Microsoft network been cracked again? If a government, then which one? Surely MS sent slightly different sections of code to each government licensee so they will know who leaked it... If the security of Windows systems is seriously threatened by such code release then it should never have been released to the Chinese government. NB Running a Falun Gong web server on NT might be particularly risky now. If the leak of the software is a risk to Microsoft intellectual property then why would they give it to the Chinese government? China does not have a good record concerning intellectual property... Here is the URL to information on the last time a crack of Microsoft's network was publicised: http://zdnet.com.com/2100-11-525083.html?legacy=zdnn -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -=- Forwarded from: Chad W. Didier <cdidier@private> Hmmm, sounds like a perfect pretense for those customers using NT 4.0 and 2000 to upgrade to MS' latest greatest. Considering MS' business tactics it isn't a far stretch of the imagination to consider the possibility of an inhouse leak for just that very purpose. They've discussed zero day threats which could have crippling effects on a business that must wait for a patch one or more days. So far, to my knowledge, no zero day threat has materialized. But, now with this timely leak of source code conveniently only effecting older platforms the argument to upgrade is made all but irresistable. A business well entrenched in the Microsoft paradigm, even in light of MS' failings, would find itself unable to switch over to more robust platforms. One or two instances of a zero day exploit bringing ill prepared businesses to their knees should work well to convince the rest it is time to upgrade. Anyone know if Microsoft's sales are down for the year? ;) -----Original Message----- From: owner-isn@private [mailto:owner-isn@private] On Behalf Of InfoSec News Sent: Friday, February 13, 2004 9:21 AM To: isn@private Subject: [ISN] Microsoft Says Parts of Source Code Were Leaked Forwarded from: William Knowles <wk@private> http://www.washingtonpost.com/wp-dyn/articles/A38314-2004Feb12.html By Brian Krebs Special to The Washington Post Friday, February 13, 2004 Microsoft Corp. last night confirmed that portions of the source code for two versions of its Windows operating system have leaked onto the Internet, a security breach that could give hackers important intelligence about how to exploit flaws in software run by many of the world's computers. "Today we became aware that incomplete portions of Windows 2000 and NT 4.0 source code was illegally made available on the Internet," Microsoft spokesman Tom Pilla said. "It's illegal for third parties to post Microsoft source code and we take that activity very seriously." Pilla said the company does not know how much of the code was compromised, but he said Microsoft believes it was not a complete version of either operating system. There was no indication of a breach in Microsoft's internal network, Pilla said. He said the FBI is investigating. Windows 2000 and NT are widely deployed in business networks; less so on home computers. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Feb 17 2004 - 09:07:22 PST