Bitcoin Forum
Topic: [Advisory] Microsoft warns: Expect exploits for critical Windows worm hole
rasengan (OP)
March 14, 2012, 02:34:28 AM
 #1

Summary: There’s a remote, pre-authentication, network-accessible code execution vulnerability in Microsoft’s implementation of the RDP protocol.

http://www.zdnet.com/blog/security/microsoft-warns-expect-exploits-for-critical-windows-worm-hole/10745

tl;dr: Go update/patch or risk your wallet.dat.

Joseon.com - The First Legally Recognized Cyber State
ArticMine
March 14, 2012, 02:51:30 AM
 #2

> Summary: There’s a remote, pre-authentication, network-accessible code execution vulnerability in Microsoft’s implementation of the RDP protocol.
>
> http://www.zdnet.com/blog/security/microsoft-warns-expect-exploits-for-critical-windows-worm-hole/10745
>
> tl;dr: Go update/patch or risk your wallet.dat.

Thanks for the warning; however I have avoided Microsoft Windows for years for anything financial long before hearing of Bitcoin for safety and security reasons. That means using GNU / Linux for running Bitcoin software or any form of online banking.

Concerned that blockchain bloat will lead to centralization? Storing less than 4 GB of data once required the budget of a superpower and a warehouse full of punched cards. https://upload.wikimedia.org/wikipedia/commons/8/87/IBM_card_storage.NARA.jpg https://en.wikipedia.org/wiki/Punched_card
Graet
March 14, 2012, 03:05:06 AM
 #3

> > Summary: There’s a remote, pre-authentication, network-accessible code execution vulnerability in Microsoft’s implementation of the RDP protocol.
> >
> > http://www.zdnet.com/blog/security/microsoft-warns-expect-exploits-for-critical-windows-worm-hole/10745
> >
> > tl;dr: Go update/patch or risk your wallet.dat.
>
> Thanks for the warning; however I have avoided Microsoft Windows for years for anything financial long before hearing of Bitcoin for safety and security reasons. That means using GNU / Linux for running Bitcoin software or any form of online banking.

Thanks for the heads up, rasengan.

I'm not a fanboi and use both Linux and Windows; what's the point of your post, ArticMine? Plenty of coins have been stolen from computers running Linux....

Security is important no matter the OS....

| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
BinaryMage
March 14, 2012, 03:32:39 AM
 #4

A lot of unwarranted concern here IMO. This is only an issue if you enable Remote Desktop, which is already known to be ridiculously insecure. It's disabled by default, so don't worry, if you've never used it you're not at risk.

-- BinaryMage -- | OTC | PGP
rjk
March 14, 2012, 02:40:13 PM
 #5

> A lot of unwarranted concern here IMO. This is only an issue if you enable Remote Desktop, which is already known to be ridiculously insecure. It's disabled by default, so don't worry, if you've never used it you're not at risk.

Cite? Have a good long password, and SSL with a proper certificate from a CA, and login rights only for users other than Administrator, and it works fine. The vuln above is something to worry about, but an exploit has not yet been developed and a patch is already available.

Sure, it doesn't offer certificate based auth like SSH does, but you can use smart cards if you aren't good at making a secure password. Add a VPN on top if you are really paranoid, and change the port for good measure.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
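
The settings argued over in posts #4 and #5 (whether Remote Desktop is enabled at all, whether SSL is enforced, which port it listens on, and who may log in) can be read straight off a host. The script below is an added example, not part of any post in this thread; it is read-only and assumes Windows PowerShell 5.1 or later with the built-in LocalAccounts and NetTCPIP modules.

```powershell
# Added example: read-only audit of the local Remote Desktop settings discussed in the thread.
$ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdp = "$ts\WinStations\RDP-Tcp"

function Get-RegValue([string]$Path, [string]$Name) {
    # Return $null rather than throwing when the value is absent.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

$deny  = Get-RegValue $ts  'fDenyTSConnections'  # 1 = Remote Desktop off, 0 = on
$layer = Get-RegValue $rdp 'SecurityLayer'       # 0 = native RDP, 1 = negotiate, 2 = SSL/TLS
$port  = Get-RegValue $rdp 'PortNumber'          # 3389 unless changed
if ($null -eq $port) { $port = 3389 }            # fall back to the default if unreadable

$enabled   = ($deny -eq 0)
$listening = [bool](Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue)

# The built-in Administrator always has RID 500, whatever it has been renamed to.
$builtinAdmin = Get-LocalUser -ErrorAction SilentlyContinue |
                Where-Object { $_.SID.Value -match '^S-1-5-21-.*-500$' }

# Remote Desktop Users is looked up by its well-known SID so localized group names work.
$rdpUsers = @(Get-LocalGroupMember -SID 'S-1-5-32-555' -ErrorAction SilentlyContinue |
              Select-Object -ExpandProperty Name)

$findings = @()
if (-not $enabled) {
    $findings += 'Remote Desktop is disabled; this host does not accept RDP connections.'
} else {
    $findings += "Remote Desktop is ENABLED (port $port, listening: $listening)."
    if ($layer -ne 2)      { $findings += "SecurityLayer is $layer; 2 (SSL/TLS) is not enforced." }
    if ($port -eq 3389)    { $findings += 'Listener is on the default port 3389.' }
    if ($builtinAdmin.Enabled) {
        $findings += "Built-in Administrator ($($builtinAdmin.Name)) is enabled."
    }
    $findings += "Remote Desktop Users members: $(if ($rdpUsers) { $rdpUsers -join ', ' } else { '(none)' })"
}
$findings
```

Values pushed by Group Policy are stored under `HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services` and take precedence over the ones read here, so check that key as well on domain-joined machines.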
rjk
March 14, 2012, 04:13:41 PM
 #6

> > an exploit has not yet been developed and a patch is already available.
>
> No exploit... that you know of. The bug has been there for probably a decade.
>
> It's not bug appears, bug patched - where your vulnerability is the time between discovery and patch.
>
> It's bug exists for _years_, bug discovered publicly, bug patched.
>
> What demons lurk behind the wall? We couldn't see.

The same applies to any remotely accessible service, including SSH. I'll hand it to you that it is open source, and therefore less likely to have a showstopping bug, but that does NOT mean that bugs are impossible, far from it.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
BinaryMage
March 15, 2012, 12:22:21 AM
 #7

> > A lot of unwarranted concern here IMO. This is only an issue if you enable Remote Desktop, which is already known to be ridiculously insecure. It's disabled by default, so don't worry, if you've never used it you're not at risk.
>
> Cite? Have a good long password, and SSL with a proper certificate from a CA, and login rights only for users other than Administrator, and it works fine. The vuln above is something to worry about, but an exploit has not yet been developed and a patch is already available.
>
> Sure, it doesn't offer certificate based auth like SSH does, but you can use smart cards if you aren't good at making a secure password. Add a VPN on top if you are really paranoid, and change the port for good measure.

I don't personally know of any specific exploits other than as long as the user does all that you mention, but the fact that it's closed-source increases the likelihood by quite a bit, and I generally would avoid trusting for-profit closed-source programs on general principle.

Your point is fair, though. My sentence was rather misleading, in and of that RDP isn't, except for this exploit and being closed-source, necessarily less secure than other protocols. I stand corrected. I'm just a little skeptical of the doomsayers.

-- BinaryMage -- | OTC | PGP