How Microsoft could patch VML vulnerability before October’s patch day

SO, there’s the second big vulnerability exploit for Internet Explorer making the rounds in about a week and Microsoft’s advisory says that the most recent flaw will likely be patched on October’s patch day (“unless the need arises…”) So, what would trigger that need? Lot’s of browsers being subjected to unwanted drive-by downloads? I suppose that doesn’t trigger need for an out of cycle patch. True, “lot’s” is hard to quantify – how many people are really affected by this, home users? office users? etc. After all there IS a way to mitigate this (unregistering the vml dll….) not for the faint of heart but, it’s your computer and you’re responsible for it, right? Last month, a program offered people the capability of removing DRM from Microsoft DRM protected windows media files… it took about 3 days for Microsoft to release a fix…..

No, they didn’t wait until patch day. Strangely enough they didn’t offer ways to “mitigate” this “flaw” in their software so that “responsible” home users could re-enable the DRM to protect5 themselves from this rogue software. The contrasts in the situations are many, but…. in the DRM case a third party program which users would download and install (by choice) was what was used to remove DRM from files that they had either purchased or downloaded from sites that they subscribed to. The owners of the content though were the ones “victimized” by this software and I’ve said before I’m sure there were many phone calls to Microsoft from Music industry related folks saying… “You have to fix this NOW or we’re pulling out…” After all, the Music industry is suspicious of all things online and the only enticement that got many to distribute their content online is the promise of STRONG DRM. I suspect that it probably didn’t take too many phone calls for Microsoft to realize “we have to get a patch out quick.” Mainly because the people calling have “money on the line” with Microsoft.

Ok, currently we have ANOTHER Internet Explorer vulnerability that’s being actively exploited to install tons of malware on pcs. All it takes is a user visiting a malicious web page. Merely clicking a bad link is enough. No real choice of “download and install exploit ?” Just clicking a link… yes, there’s a choice in a sense, they could just not use the web browser, they could avoid any unknown links, but they could also unplug their PC and throw it in the lake…. I suspect that few people are going to meticulously analyze EVERY link they visit BEFORE they click. So we can fairly well say in this case, users don’t have a choice in getting affected by this exploit. For that matter existing owners of Windows don’t have “money on the line” with Microsoft in the sense that Microsoft’s DRM customers do…. let’s look at it this way, they’ve already bought the copy of Windows they’re using and what choice to they have when they replace their pc in 5-7 years (home users…)? Mac, Linux? Right…. when they open up the dell catalog and you see a variety of non-windows choices, maybe we’ll consider that Microsoft may lose business from home users that way.

What about businesses though? They should be able to carry some weight with MS, shouldn’t they? In many cases they have “money on the line” and CAN legitimately threaten other choices if MS doesn’t come through. Most businesses have other ways of mitigating the effects of these threats, intrusion detection systems on the perimeter, “easily” diregistering the dll across domain members…. Not pretty, but not as ugly as trying to get all home users to deregister a dll.

So, on a slightly related issue today, I see a writeup about how Windows Media 11 is “tightening the drm screws”, you’re no longer able to backup media to another pc, it’s now tied to the PC. (And if Windows needs to be rebuilt after a spyware infestation???) Additionally, if personal cds are ripped using media player with the “copy protect music” option enabled, then you have to jump through a Microsoft web page hoop to enable the file on another machine. (for a limited number of times mind you…) I know that many see piracy of media content as one of the major online issues. I can tell that Microsoft has invested a lot of their time and innovation in this area. They seem to have got people to accept slight implementations of DRM and now are gradually increasing the restrictions.

So, how does all of this get them to release a patch for the VML vulnerability early *(“out of cycle”)? I see two routes to this, the first is to call on some of the bigger businesses that are big customers of Microsoft to call and “request” that this be addressed with sooner rather than later. I really think this would get there attention if there were a large volume of calls from their top customers. (Not just businesses REALLY, governments are big Microsoft customers as well, national, state, local, etc.)

The second is probably far fetched, but from recent experience it appears as though it would be effective. Someone needs to design the exploit with a payload that would automatically strip DRM from any and all Windows Media protected files found on the hard drive. Today is Thursday, if this happened, we might see a patch Monday. Of course, that’s hypothetical, it would be wrong to take advantage of an exploit to install software on a pc without the users permission.

Related Posts

Blog Traffic Exchange Related Posts
  • Making sense of the different versions of Vista Microsoft Vista is now out, the next version of Windows, successor to XP. While Windows XP will continue to receive updates into 2014 there are many that might be eager to upgrade and move to the latest greatest. (Note to those: Service Pack one may be en route THIS calendar......
  • Ubuntu 6.06 LTS release Probably the biggest news so far today, at least in linux circles is the official release of the Dapper Drake.... Ubuntu 6.06 LTS (Long Term Support) (and kubuntu and edubuntu all...). I've been playing with an install based on the Release Candidate (and now upgraded to even include KDE 3.5.3...........
  • More on Explorer vulnerability Among other things... Sans has lowered the infocon to green, NOT that the threat is diminished, but there have been no new developments with regards to the announcement yesterday of a major Internet Explorer security vulnerability. Sans recommends browsing the web with firefox (with the noscript extension, so you can......
Blog Traffic Exchange Related Websites
  • Social Media 101: Tactics and Tips to Develop Your Business Online Amazon Says: 100 ways to tap into social media for a more profitable business In Social Media 101, social media expert and blogger Chris Brogan presents the best practices for growing the value of your social media and social networking marketing efforts. Brogan has spent two years researching what the......
  • Restaurant Solutions: Making Your Online Presence Known In today‚Äôs market every business needs to have an online presence. The Internet is the great leveler of players in a world market where anything can be bought or sold at competitive prices. The Internet has been an incredible tool for small businesses, especially because it allows smaller retailers and......
  • Microsoft's Internet Explorer is Vulnerable to Attacks Hi Guyz, Just got the news. Microsoft Internet Explorer users, beware. There's a security flaw in all versions of the browser that leaves you wide open for attack. At least two million computers have already been infected. The exploit doesn't require users to click on links or download software from......    Send article as PDF   

Similar Posts

See what happened this day in history from either BBC Wikipedia
Amazon Logo

Comments are closed.

Switch to our mobile site