With Terry's comments on asking about Microsoft products on the SLUG list,
combines with reading User Friendly too much and being on the Bugtraq (or is
that MStraq) list.. I thought I might resurrect this piece of satire for your
reading... erm.. enjoyment? It looks a lot like certain articles I have seen in
the Austrlaian IT section over the past few months.. hmmmm....
WARNING: SATIRE AHEAD
This piece is satire. It makes no attempt to be taken seriously.. and if you
dont like it.. youre free to delete it from your mailbox.
***************************************************************************************************************************************************
The following is a Security Bulletin from the Microstuft Product Security
Notification Service.
Please do not flame this message, as it was sent from an unattended mailbox.
********************************
-----BEGIN PGP SIGNED MESSAGE-----
Microstuft Security Bulletin (MS00-666)
- ---------------------------------------
Patch Available for "Windoze 95, 98, NT, 2000 anti-Linux Security Patch" for the
"We dont have vulnerabilities, only undocumented-features" Vulnerability
Originally posted: September 15, 2000
Summary
=======
Microstuft has released a patch that eliminates a security vulnerability in the
Windoze filesystem that ships with Microstuft(r) Windoze 95, 98, NT and 2000.
The vulnerability could, under certain circumstances, allow a malicious user to
obtain data from all users and access to the filesystem.
Frequently asked questions regarding this vulnerability and the patch can be
found at http://www.Microstuft.com/technut/security/bulletin/fq00-666.gasp
Issue
=====
Windoze installer includes a filesystem creation executable capable of creating
filesystems recognisable through DOS and Windoze 95, 98, NT and 2000. These
filesystems include Fat16, Fat32 and NTFS varieties. A vulnerability exists in
that while we have not told anyone how to read and write to these filesystem
types, some hacker has figure out how to and written this into what is known as
the Linux virus. This could allow a malicious user to obtain another users data
and full access to the filesystem without the users authorisation.
A malicious user could exploit this behaviour by creating a carefully-crafted
dual-boot filesystem that, when used, could attempt to mount the fat or NT
filesystem to a rogue mount point - automatically allowing full access to the
malicious virus's owner. The malicious user could then use an real-time passive
translation module to derive the nature of the filesystem mounted or, with
specialised tools pre-supplied by the virus, could simply change directory to
the mount point in an attempt to access protected resources.
This vulnerability would only provide the malicious user with full access to the
data of another user. It would not, by itself, allow a malicious user to gain
control of another user's computer. In order to do this, the malicious user
would have to be able to remotely logon to the target system. This is however
another function of the virus, even allowing gui access from a remote site.
However, best practices dictate that remote logon services be blocked by
un-installing the OS, and if these practices were followed, they would prevent
an attacker from using the virus to logon to the target system. Best practices
also strongly recommend that Windoze 2000 users logon to their hosts with User
level credentials, and if these practices were followed, they would prevent a
Luser from obtaining Administrator level credentials.
Patch
=====
The patch provided through Microstuft Download Centre should be executed on the
filesystem to be secured and will provide multi-level security from both the
Linux Virus and from Lusers. Running the executable will enable a patented
Microstuft(r) counter-intuitive scrambling algorithm on the file access tables,
boot sector, system sectors and data sectors making it impossible to access the
system without the unlock executable. The system will reboot after the
scrambling is finished. The unlock executable must be run from the filesystem to
be unlocked. This will ensure the system is protected against intrusion by the
Linux Virus and also protects against access by System Lusers.
Affected Software Versions
==========================
- Microstuft DDOS
- Microstuft Windoze 95
- Microstuft Windoze 98
- Microstuft Windoze NT
- Microstuft Windoze 2000
Patch Availability
==================
- All Systems:
http://www.Microstuft.com/Downloads/Release.gasp?ReleaseID=666_spawn_of_satan
Note: The above URL may not be accessible. If this is the case, please download
the patch from the following URL:
(this UR
L may be
wrapped)
http://download.Microstuft.com/download/ms_platform/patch/q666_s_o_s/all/en-us/q666_s_o_s_all_x86_en.exe
Note: This patch may be applied to both Windoze and Macintosh systems (but good
luck making the executable run).
Note: Additional Linux Antivirus Control System Security (LACS Security) patches
are available at the Microstuft Download Center
More Information
================
Please see the following references for more information related to this issue.
- Frequently Asked Questions: Microstuft Security Bulletin MS00-067
http://www.Microstuft.com/technut/security/bulletin/fq00-666.gasp
- Microstuft Knowledge Base article Q666_s_o_s discusses this issue and will be
available soon for book burning parties and festive events
- Microstuft technut Security web site
http://www.Microstuft.com/technut/security/what_is_it%?/default.gasp
Obtaining Support on this Issue
===============================
This is a fully un-supported patch. Information on contacting Microstuft Product
Support Services is available at
http://support.Microstuft.com/support/no_contact/go_away/default.gasp.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
iQEVAwUBOcGCNI0ZSRQxA/UrAQHh6ggAreZ9ohezFbCfJqBOhoEfanhldUYTBtWB
TgP6i8jW2fdac5tGKRB/0wUwJsv7/+OAgddj/QQbFSlZeSD3sRBwhPT60rs9R5a2
MpYynuw2KMKBELdv+Q3h+wPNx+ezfqrxzfM07gdqkR5vysPDvfnb3fS1vTNSlzrY
P3uMKDMyIpvN+pKIzkFieSTiQnpi0UCzJEpcF61AeZavyDlUDdQwivmReLYqkmsa
A/gZN2D6G6fxTrq0Y089XI84IKcilTe5I1vp5qN1uyTN4wu8Vl/0ZXT/RObiVJpu
Oqzm6vK4oVsjZ8RgAmeJ0GjSwQCjTxNA9aOCO0ijquuB5yqaDiHV0g==
=ymub
-----END PGP SIGNATURE-----
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
