How Microsoft could patch VML vulnerability before October’s patch day



SO, there’s the second big vulnerability exploit for Internet Explorer making the rounds in about a week and Microsoft’s advisory says that the most recent flaw will likely be patched on October’s patch day (“unless the need arises…”) So, what would trigger that need? Lot’s of browsers being subjected to unwanted drive-by downloads? I suppose that doesn’t trigger need for an out of cycle patch. True, “lot’s” is hard to quantify – how many people are really affected by this, home users? office users? etc. After all there IS a way to mitigate this (unregistering the vml dll….) not for the faint of heart but, it’s your computer and you’re responsible for it, right? Last month, a program offered people the capability of removing DRM from Microsoft DRM protected windows media files… it took about 3 days for Microsoft to release a fix…..


No, they didn’t wait until patch day. Strangely enough they didn’t offer ways to “mitigate” this “flaw” in their software so that “responsible” home users could re-enable the DRM to protect5 themselves from this rogue software. The contrasts in the situations are many, but…. in the DRM case a third party program which users would download and install (by choice) was what was used to remove DRM from files that they had either purchased or downloaded from sites that they subscribed to. The owners of the content though were the ones “victimized” by this software and I’ve said before I’m sure there were many phone calls to Microsoft from Music industry related folks saying… “You have to fix this NOW or we’re pulling out…” After all, the Music industry is suspicious of all things online and the only enticement that got many to distribute their content online is the promise of STRONG DRM. I suspect that it probably didn’t take too many phone calls for Microsoft to realize “we have to get a patch out quick.” Mainly because the people calling have “money on the line” with Microsoft.

Ok, currently we have ANOTHER Internet Explorer vulnerability that’s being actively exploited to install tons of malware on pcs. All it takes is a user visiting a malicious web page. Merely clicking a bad link is enough. No real choice of “download and install exploit ?” Just clicking a link… yes, there’s a choice in a sense, they could just not use the web browser, they could avoid any unknown links, but they could also unplug their PC and throw it in the lake…. I suspect that few people are going to meticulously analyze EVERY link they visit BEFORE they click. So we can fairly well say in this case, users don’t have a choice in getting affected by this exploit. For that matter existing owners of Windows don’t have “money on the line” with Microsoft in the sense that Microsoft’s DRM customers do…. let’s look at it this way, they’ve already bought the copy of Windows they’re using and what choice to they have when they replace their pc in 5-7 years (home users…)? Mac, Linux? Right…. when they open up the dell catalog and you see a variety of non-windows choices, maybe we’ll consider that Microsoft may lose business from home users that way.

What about businesses though? They should be able to carry some weight with MS, shouldn’t they? In many cases they have “money on the line” and CAN legitimately threaten other choices if MS doesn’t come through. Most businesses have other ways of mitigating the effects of these threats, intrusion detection systems on the perimeter, “easily” diregistering the dll across domain members…. Not pretty, but not as ugly as trying to get all home users to deregister a dll.

So, on a slightly related issue today, I see a writeup about how Windows Media 11 is “tightening the drm screws”, you’re no longer able to backup media to another pc, it’s now tied to the PC. (And if Windows needs to be rebuilt after a spyware infestation???) Additionally, if personal cds are ripped using media player with the “copy protect music” option enabled, then you have to jump through a Microsoft web page hoop to enable the file on another machine. (for a limited number of times mind you…) I know that many see piracy of media content as one of the major online issues. I can tell that Microsoft has invested a lot of their time and innovation in this area. They seem to have got people to accept slight implementations of DRM and now are gradually increasing the restrictions.

So, how does all of this get them to release a patch for the VML vulnerability early *(“out of cycle”)? I see two routes to this, the first is to call on some of the bigger businesses that are big customers of Microsoft to call and “request” that this be addressed with sooner rather than later. I really think this would get there attention if there were a large volume of calls from their top customers. (Not just businesses REALLY, governments are big Microsoft customers as well, national, state, local, etc.)

The second is probably far fetched, but from recent experience it appears as though it would be effective. Someone needs to design the exploit with a payload that would automatically strip DRM from any and all Windows Media protected files found on the hard drive. Today is Thursday, if this happened, we might see a patch Monday. Of course, that’s hypothetical, it would be wrong to take advantage of an exploit to install software on a pc without the users permission.

Related Posts

Blog Traffic Exchange Related Posts
  • Helixplayer to include Windows media file viewer WMV and WMA file formats (Windows Media Video and Windows Media Audio) have been one of those sore spots for desktop linux. Yes, I KNOW mplayer and other players can handle them. (If the codecs are installed.) (and wine can run media player) But, there have been licensing issues there.......
  • How to Remove Windows Enterprise Suite | Removal Guide Windows Enterprise Suite is a rogue antivirus application that is made to look like and mimic the actions of legitimate security applications, but it is likely the cause of more problems on your system than it solves. It seems to be made by the same group as volcano security suite......
  • Fairuse4wm back on top In the struggle between fairuse4wm and Microsoft DRM, it appears that fairuse4wm is out on top again. Just to sum up - the last few weeks saw a release of fairuse4wm that stripped DRM from Microsoft DRM protected media files, then MS fixed their DRM to break fairuse4wm and now......
Blog Traffic Exchange Related Websites
  • Microsoft to Improve User Access Control in Windows 7 I was just reading a Slashdot article about Microsoft improving User Access Control (UAC) in Windows 7. In the cited PC Pro article, Microsoft engineer Ben Fathi says: We've heard loud and clear that you are frustrated. You find the prompts too frequent, annoying, and confusing. We still want to......
  • Attempting a Digital Media Overhaul: Music, Movies, and Television Any Time, Any Place I've been thinking about overhauling my use of technology lately. Most of that is in the form of media consumption - music, television, movies, books, etc. (Side note: This seems to be a good place to plug my article on Saving Money on Movies, Music, Television, and Books - plugged!)......
  • Microsoft reveals Six Windows 7 Editions Microsoft has announced that the upcoming Windows 7 will boast of six editions - Starter, Basic, Home Premium, Professional, Ultimate and Enterprise. But unlike Windows Vista, upgrading to a higher, more featured version will not result in loss of existing features from the lower version. Also Windows 7 is designed......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site