|Home » News » Roundups
Ou Ou The Sky Is Falling!
Imagine Chicken Little without a head. Imagine a hundred thousand Chicken Little clones, all without heads. Imagine one of them notices the sky is falling and tells all the others.
Welcome to Microsoft Windows - 'What do you want to lose today?'™
They're in a panic all right - and all because of a typical Microsoft bug. Because this one's not in the code - it's in the design. A design concocted as per usual by the pinheads in Redmond.
'By now, you've probably heard of the unofficial WMF Vulnerability patch by programming genius Ilfak Guilfanov', writes George Ou, a supposed 'advanced networking and server architecture expert [sic]', at ZD - at three o'clock in the morning.
'Some experts say install it now! Others say you better wait till next week for the official patch from Microsoft. Since I've spent a good part of New Years day weekend researching and testing this bug, I would tell you that this vulnerability is so dangerous that you better install the unofficial patch now and then uninstall it when the official Microsoft patch is hopefully released next week.'
Ou goes on to explain: 'If you're wondering why this is such a high priority patch, it's because existing workarounds are weak at best and the exploit is extremely dangerous.
'There are those who say this isn't anymore dangerous than an Internet worm but worms can't infect you through firewall perimeters.
'Even Antivirus and Intrusion Detection Systems are having a hard time with the WMF exploits since a group released proof-of-concept code that automatically generates randomized headers and fragmented packets to defeat nearly every AV and IDS signature.
'With the WMF exploit, you just need to look at an infected image file while surfing the web or checking your email and you're instantly infected with nasty spyware or rootkit.'
So what we basically have are all the Chicken Little Windows lamers 1) coming back to work after the holidays; 2) cranking up their Microsoft jalopies; 3) starting their never ending antivirus downloads; 4) bringing the whole glorious Internet to a virtual standstill - and now they have to contend with this as well. Poor Windows lamers.
Ou's summation of the chaos rings with an embarrassing echo: 'Since there are no official patches available, there was little you could do to protect yourself until now.'
Not unless you stop being lame and abandon Windows that is. Ou Ou! One wonders if Bruce Schneier will finally show some guts and stop telling his followers 'I have to use Windows but no one else should'.
Maybe it's time Windows 'security experts' started living up to their role.