EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

09.08.09

Vista 7 Less Secure Than Predecessors? Remote BSoD Now Possible!

Posted in Marketing, Microsoft, Security, Vista, Vista 7, Windows at 4:46 am by Dr. Roy Schestowitz

BSoD for Novell

Summary: Vista and Vista 7 can be crashed remotely due to a newly-disclosed vulnerability

SO, Microsoft rewrote some networking components for Windows Vista, which may sound like a positive thing. Security experts warned that Microsoft had simply abandoned mature, well-established BSD code and they were right. Does anyone remember those flaws in Windows 95 which enabled remote computer users to ‘nuke’ their friends and foes (causing their computer to BSoD) given only their IP address? Well, that’s back in Vista 7.

Freshly disclosed: “Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D.”

V. BUSINESS IMPACT

An attacker can remotly crash without no user interaction, any Vista/Windows 7 machine with SMB enable. Windows Xp, 2k, are NOT affected as they dont have this driver.

VI. SYSTEMS AFFECTED

Windows Vista/7 All (64b/32b|SP1/SP2 fully updated) and possibly Win Server 2008 as it use the same SMB2.0 driver (not tested).

Wow. That is some serious stuff. What might it do to the already-poor track record of Vista 7 in security? The Register wrote about the death of the “Vista” brand and it might be just a matter of time before Vista 7′s brand is tarnished to the same extent.

Microsoft spent an absolute fortune on the Vista brand. In marketing terms, the Vista campaign was huge by any standards, and was a big success insofar as raising awareness of Microsoft’s next-generation Windows offering was concerned.

Sounds familiar? Vista 7 is Vista all over again; the resemblance in terms of hype and marketing is uncanny.

Well, if “Windows 7″ ends up like Vista in the market, then Microsoft will at least have the “Mojave” brand. Microsoft (and its extended ecosystem) can no longer just throw trolls at the problem. The hundreds of millions of dollars spent on building brands and bullying critics [1, 2, 3, 4] do have a limited shelf life.

“I am currently testing the Beta of Win7 in a closed VM environment. I am considering deleting it. It’s actually worse than Vista. Multiple program crashes, refusal to install any software, naff looks and many other complaints.”

Moog

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

7 Comments

  1. David Gerard said,

    September 8, 2009 at 5:04 am

    Gravatar

    I’ve posted this at Slashdot – please vote it up.

  2. Yuhong Bao said,

    September 8, 2009 at 12:13 pm

    Gravatar

    It is Vista/7, not “Vista 7″. This probably got confused by the fact that BN calls 7 “Vista 7″, which can easily be confused with “Vista/7″ which is different. I don’t use this name myself.

    Roy Schestowitz Reply:

    Those two are very similar. Underneath they are virtually the same and the above proves it.

    Yuhong Bao Reply:

    I would not go that far, but yes there are indeed many similarities between Vista and 7. In this case, the key similarity is that they both support SMB 2.0, which was a new version of the SMB protocol introduced with Vista.

    Roy Schestowitz Reply:

    Underneath, however, the same codebase is more or less shared. It’s not about this one flaw in particular.

    Yuhong Bao Reply:

    7 have many modifications to the Vista codebase. But yes indeed there is indeed many similarities to Vista in 7, certainly more similarities than Vista was compared to XP. Not that this makes Vista/7 bad IMO, but still.

  3. Yuhong Bao said,

    September 8, 2009 at 10:04 pm

    Gravatar

    Ars Technica reports that MS has issued a security advisory concerning this issue, saying 7 is not affected:
    http://arstechnica.com/microsoft/news/2009/09/new-flaw-can-remotely-crash-windows-vista-and-windows-7.ars

What Else is New


  1. The Patent Microcosm is Really Panicking as European Patents on Life and Other Spurious Junk (Invalid Patents) Are Successfully Rejected

    European Patents (EPs) may be revoked en masse if what we're seeing is the gradual emergence of 'European Mayo' (and maybe soon 'European Alice')



  2. Distractions From Microsoft's Gigantic Tax Evasion and Contribution to Denial of Climate Science

    Microsoft (connected to oil companies) wants us to think of it as a "green" company; not only does it contribute to climate denial but it also evades tax, which is a serious crime that costs tens of billions of dollars (the public pays this money instead)



  3. Confirmation: System1/Startpage Offered Pay to People Who Pushed for (Re)Listing in Privacy Directories

    The debate is now settled; those arguing in favour of listing Startpage as privacy-respecting are in fact secretly 'compensated' by Startpage (in other words, they're Startpage 'shills')



  4. Vandana Shiva: “Bill Gates is Continuing the Work of Monsanto”

    A recent interview on what Bill Gates is really up to in that sham ‘charity’ of his



  5. IRC Proceedings: Wednesday, January 22, 2020

    IRC logs for Wednesday, January 22, 2020



  6. Extending Linux With DRM, Azure and exFAT

    An insufficiently 'conservative' Linux ceases to be freedom-respecting



  7. Linux Foundation (LF) Now Dominated by Lots of Microsoft People and LF Chiefs Join Microsoft in Smearing GPL/Copyleft

    We continue to see additional evidence which serves towards reinforcing our view that the so-called 'Linux' Foundation is actually hostile towards many things that are associated with Linux (unlike those looking to exploit/hijack Linux for proprietary ends)



  8. Links 22/1/2020: Wayland 1.18 Alpha, ODF 1.3 Approved

    Links for the day



  9. IRC Proceedings: Tuesday, January 21, 2020

    IRC logs for Tuesday, January 21, 2020



  10. Poor Excuses for Granting Poor (and Often Illegal/Invalid) Patents

    A quick look at some of the latest examples of software patents advocacy (not by actual software professionals, obviously) and why it's deeply misguided (or guided solely by greedy law firms)



  11. A Simple Plan For a Universal Free Software Community

    "For software to be free as in freedom, we need more people to care personally about software freedom."



  12. Links 21/1/2020: Wine 5.0 and Red Hat Enterprise Linux 8.2 Beta

    Links for the day



  13. Startpage/System1 Almost Definitely Pay for People to Lie About Their Surveillance

    A longterm investigation suggests that there are forces in the debate that aren't objective and are being super evasive and dodgy; this typically happens only when somebody has much to hide



  14. The Internet is an Appalling Medium for News and It Has Only Gotten Worse

    Something ought to change in the way people gather and assess news; at the moment — as proper journalism runs out of steam (and budget) — things only deteriorate and quality suffers; this rapidly exacerbates as people come to rely on — and then relay — hearsay, not fact-checked bodies of work



  15. Media Reactions to the EPO Coming to Grips With Fake Patents That It Granted (Spoiler: the Media is Controlled by Lawyers of Monopolists and EPO Partners)

    Appalling quality of reporting and truly awful bias in the media, primarily owing to the fact that it is dominated/manned not by actual reporters but the firms looking to patent life itself; they use their lawyers and operatives who are literally funded by these lawyers (wearing "journalist" badges to mislead)



  16. Links 21/1/2020: EarlyOOM Fedora Decision and AMD Zen 3 Microcode

    Links for the day



  17. IRC Proceedings: Monday, January 20, 2020

    IRC logs for Monday, January 20, 2020



  18. Links 20/1/2020: MNT Reform, Linux 5.5 RC7, KMyMoney 5.0.8

    Links for the day



  19. Mansion of Pedophilia – Addendum: Accessing and Assessing Court Documents

    How anyone out there can do the job the media failed to do (after an apparently unprecedented arrest at the home of Bill Gates)



  20. Mansion of Pedophilia – Addendum: Progress on Police Request

    9 updates from the police department of Seattle but still nothing material/concrete, only promises and major delays



  21. IRC Proceedings: Sunday, January 19, 2020

    IRC logs for Sunday, January 19, 2020



  22. Mansion of Pedophilia – Part VIII: More Than 4 Months of Waiting for Police Department to Send Over the Files They Claim to Have an Issue Opening

    The police department (PD) of Seattle is unable to open its own files about arrest for pedophilia at Bill Gates' home; it has been unable to open these files for several months, it claims...



  23. Starting a GNU Replacement for GitHub, Possibly Based on GitLab

    "It might be easier if we start from the GitLab software," Stallman said



  24. European Commission Pushes for Even Greater Patent Maximalism Instead of Rationality, Patent Zealots' Site Cherry-Picks China as Whipping Boy

    Fear of China is being leveraged to promote an agenda of patent maximalists; the general idea they promote is that granting millions of low-quality patents is the only way to compete, even if in reality that merely handicaps the whole market



  25. CRISPR Patents Disallowed, But Where Are the Journalists?

    The narrative surrounding last week's decision against CRISPR patents may have been virtually monopolised by the litigation think tanks and law firms; it certainly feels like no journalism is left to rebut them, fact-check, and introspect



  26. Links 19/1/2020: Wine 5.0 RC6, Alpine 3.11.3

    Links for the day



  27. Judges Reject EPO Patents on Life as Constitutional Complaints Against the EPO Pile Up in Germany

    EPO judges throw out patents on life (CRISPR at least); there's now growing hope that they'll have the courage to do the same to patents on software



  28. IRC Proceedings: Saturday, January 18, 2020

    IRC logs for Saturday, January 18, 2020



  29. StartPage (System1) Found New Spin Allies. Some Have Been Offered StartPage Jobs. Some Might Already be Working for StartPage in Secret.

    Pro-StartPage voices appear to be paid (or have been promised pay) by StartPage; the key strategy of StartPage seems to be, attack and betray people's privacy while paying people in particular positions to pretend otherwise



  30. IRC Proceedings: Friday, January 17, 2020

    IRC logs for Friday, January 17, 2020


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts