SO, there’s the second big vulnerability exploit for Internet Explorer making the rounds in about a week and Microsoft’s advisory says that the most recent flaw will likely be patched on October’s patch day (“unless the need arises…”) So, what would trigger that need? Lot’s of browsers being subjected to unwanted drive-by downloads? I suppose that doesn’t trigger need for an out of cycle patch. True, “lot’s” is hard to quantify – how many people are really affected by this, home users? office users? etc. After all there IS a way to mitigate this (unregistering the vml dll….) not for the faint of heart but, it’s your computer and you’re responsible for it, right? Last month, a program offered people the capability of removing DRM from Microsoft DRM protected windows media files… it took about 3 days for Microsoft to release a fix…..
No, they didn’t wait until patch day. Strangely enough they didn’t offer ways to “mitigate” this “flaw” in their software so that “responsible” home users could re-enable the DRM to protect5 themselves from this rogue software. The contrasts in the situations are many, but…. in the DRM case a third party program which users would download and install (by choice) was what was used to remove DRM from files that they had either purchased or downloaded from sites that they subscribed to. The owners of the content though were the ones “victimized” by this software and I’ve said before I’m sure there were many phone calls to Microsoft from Music industry related folks saying… “You have to fix this NOW or we’re pulling out…” After all, the Music industry is suspicious of all things online and the only enticement that got many to distribute their content online is the promise of STRONG DRM. I suspect that it probably didn’t take too many phone calls for Microsoft to realize “we have to get a patch out quick.” Mainly because the people calling have “money on the line” with Microsoft.
Ok, currently we have ANOTHER Internet Explorer vulnerability that’s being actively exploited to install tons of malware on pcs. All it takes is a user visiting a malicious web page. Merely clicking a bad link is enough. No real choice of “download and install exploit ?” Just clicking a link… yes, there’s a choice in a sense, they could just not use the web browser, they could avoid any unknown links, but they could also unplug their PC and throw it in the lake…. I suspect that few people are going to meticulously analyze EVERY link they visit BEFORE they click. So we can fairly well say in this case, users don’t have a choice in getting affected by this exploit. For that matter existing owners of Windows don’t have “money on the line” with Microsoft in the sense that Microsoft’s DRM customers do…. let’s look at it this way, they’ve already bought the copy of Windows they’re using and what choice to they have when they replace their pc in 5-7 years (home users…)? Mac, Linux? Right…. when they open up the dell catalog and you see a variety of non-windows choices, maybe we’ll consider that Microsoft may lose business from home users that way.
What about businesses though? They should be able to carry some weight with MS, shouldn’t they? In many cases they have “money on the line” and CAN legitimately threaten other choices if MS doesn’t come through. Most businesses have other ways of mitigating the effects of these threats, intrusion detection systems on the perimeter, “easily” diregistering the dll across domain members…. Not pretty, but not as ugly as trying to get all home users to deregister a dll.
So, on a slightly related issue today, I see a writeup about how Windows Media 11 is “tightening the drm screws”, you’re no longer able to backup media to another pc, it’s now tied to the PC. (And if Windows needs to be rebuilt after a spyware infestation???) Additionally, if personal cds are ripped using media player with the “copy protect music” option enabled, then you have to jump through a Microsoft web page hoop to enable the file on another machine. (for a limited number of times mind you…) I know that many see piracy of media content as one of the major online issues. I can tell that Microsoft has invested a lot of their time and innovation in this area. They seem to have got people to accept slight implementations of DRM and now are gradually increasing the restrictions.
So, how does all of this get them to release a patch for the VML vulnerability early *(“out of cycle”)? I see two routes to this, the first is to call on some of the bigger businesses that are big customers of Microsoft to call and “request” that this be addressed with sooner rather than later. I really think this would get there attention if there were a large volume of calls from their top customers. (Not just businesses REALLY, governments are big Microsoft customers as well, national, state, local, etc.)
The second is probably far fetched, but from recent experience it appears as though it would be effective. Someone needs to design the exploit with a payload that would automatically strip DRM from any and all Windows Media protected files found on the hard drive. Today is Thursday, if this happened, we might see a patch Monday. Of course, that’s hypothetical, it would be wrong to take advantage of an exploit to install software on a pc without the users permission.
Related PostsRelated Posts
- Helixplayer to include Windows media file viewer WMV and WMA file formats (Windows Media Video and Windows Media Audio) have been one of those sore spots for desktop linux. Yes, I KNOW mplayer and other players can handle them. (If the codecs are installed.) (and wine can run media player) But, there have been licensing issues there.......
- Update on Internet Explorer Zero Day exploit Yesterday I mentioned a SANS report on a possible zero day exploit against Internet Explorer. Today they have more details in the handlers diary. Among other things SANS has issued a patch for it. Essentially the zero day (or previously unknown) vulnerability deals with a .Net framework file, msdds.dll .......
- Windows 2000 Worm vulnerability Apparently, there is an unpatched vulnerability in Windows 2000 that could open the door for a network worm. The details have not been released to give Microsoft time to deal with a patch. (Microsoft is drawing down support commitments to 2000, releasing a batch of updates just before their timeline......
- Restaurant Solutions: Making Your Online Presence Known In today’s market every business needs to have an online presence. The Internet is the great leveler of players in a world market where anything can be bought or sold at competitive prices. The Internet has been an incredible tool for small businesses, especially because it allows smaller retailers and......
- Attempting a Digital Media Overhaul: Music, Movies, and Television Any Time, Any Place I've been thinking about overhauling my use of technology lately. Most of that is in the form of media consumption - music, television, movies, books, etc. (Side note: This seems to be a good place to plug my article on Saving Money on Movies, Music, Television, and Books - plugged!)......
- Microsoft's Internet Explorer is Vulnerable to Attacks Hi Guyz, Just got the news. Microsoft Internet Explorer users, beware. There's a security flaw in all versions of the browser that leaves you wide open for attack. At least two million computers have already been infected. The exploit doesn't require users to click on links or download software from......
- Windows 98 WMF patch
- Microsoft releases official VML patch!!
- Identity theft
- Big Windows June update day
- Free (and legal) music downloads coming by Christmas 2006 and DRM