Vista ANI Exploit Patch Plagued With More Problems

[Quinton McLeod]

7/7/2007
----------
Looks like Microsoft's patch causes more issues than it actually fixed.

Did your computer start to give you a DLL error after rebooting? Well, bad luck: it?s that pesky Windows Animated Cursor patch issued by Microsoft?

By now you are probably familiarized with the 3-months old bug discovered by security vendor Determina in December 2006 that refers to a boundary error within the handling of animated cursors. If you?re not, you should know that the flaw, also known as ANI exploit, can be, well? exploited to cause a stack-based buffer overflow via a specially crafted animated cursor file.

Successful exploitation could have allowed the execution of an arbitrary code when a user e.g. visits a malicious website using Internet Explorer or opens a malicious e-mail message.

The vulnerability first surfaced last week, when Microsoft acknowledged ongoing attacks. Most of the activity around the ANI exploit has been observed via malicious websites (around 100) that will attack the user if he visits the page with the most common versions of Internet Explorer (6 or 7), serving him/her with bogus Web-pages that take advantage of the bug.

Last weekend the amount of attacks using this exploit has intensified, forcing Microsoft to admit the existence of the bug and to speed up the patching process.

On April 4, Microsoft finally issued a software patch to fix the critical vulnerability that affected its Windows OS. It was only the third patch since January 2005 to be posted outside the normal monthly schedule. It also addressed six other vulnerabilities, three of them affecting Windows Vista.

However, immediately after the update was installed and the computer rebooted, Windows XP SP 2 users with an integrated Realtek HD Audio Control Panel (that includes me and three other computers in my office) were confronted with a DLL error, called RTHDCPL.EXE-Illegal System Relocation:

"The system DLL user32.dll was relocated in memory. The application will not
run properly. The relocation occured because the DLL C:\WINDOWS\system32\HHCTRL.OCX occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL."

The rthdcpl.exe is located in the folder C:\Windows. The file size on Windows XP is 13179660 bytes. There is an icon for this program on the taskbar next to the clock. It is not a Windows system file. The file is a Microsoft signed file. rthdcpl.exe is able to record inputs.

Microsoft became aware of it only after reports began emerging on the Web and immediately issued a fix located at this address.

However, users have complained that the fix does not always work and that it sometimes comes in conflict with the Windows Genuine Advantage Validation program, which hinders the downloading of the fix. Microsoft promises to update the aforementioned Knowledge Base article as soon as they have more details available from both users and their engineers.

http://www.playfuls.com/news_06876_Micr...tch_Causes_DLL_Errors_at_Startup_.html

and more info about the incompatibilities here:

http://www.tgdaily.com/content/view/31522/108/

Well, lets look at the facts for a moment.
Even though this wouldn't affect any of you, wouldn't this say mounds about Microsoft's programs in general? I'm not here to bash miscellaneous Microsoft programs, however, this sends many signals concerning Microsoft's new OS Vista. To say that Vista is indestructible would be a thought. However, how many actually believe that the way things have been going that this isn't just another Windows ME? Considering that a new Microsoft OS is coming out next year, what purpose would Vista really have at this point?

Discuss.

---------------------------------------------------------------------------
Old News
---------------------------------------------------------------------------
Based from the ANI exploit in Vista, it appears as though security experts agree that Vista was indeed NOT built entirely from the ground up like Microsoft said.

Mulchandani agreed. "The dirty little secret is that Microsoft clearly did not write Vista from scratch. They did not completely build a whole new code base for this operating system. Every version of Windows since Windows NT has had this flaw in it," he said.

And now, Microsoft are no longer comparing their OS to *nix. It appears as though they are comparing their Vista OS to previous versions of Windows now. So sad.

Mulchandani also said that, while Microsoft has taken way too big a bite at the security message, Vista is more secure than its predecessors because of features such as User Account Control and others that limit privileges on the operating system.

And that's just the goal Microsoft was aiming for, Toulouse said.

"You have to look at Vista versus XP. A lot of people are holding Vista up and saying in a vacuum it will reach some nirvana of security," Toulouse said. "Our whole goal with Windows Vista was to create a fundamentally more secure operating system than we have ever created previously."

http://news.zdnet.com/2100-1009_22-6173115.html

So, in the end, Vista still isn't able to compete with *nix as far as security is concerned.

What are your feelings about this?

Discuss.

 

[xtknight]

Guess what? Every PC operating system will have that flaw. If you don't want them to, then get a new CPU with a different instruction set.

 

[nerp]

YAWN.

 

[erikistired]

i thought MS had already talked about this? that rebuilding the whole OS was turning out to be too much work so they adapted parts of XP?

 

[Nothinman]

Based from the ANI exploit in Vista, it appears as though security experts agree that Vista was indeed NOT built entirely from the ground up like Microsoft said.

MS never said the entire thing was written from the ground up. Large parts of it were rewritten (like the sound and video driver subsystems) but to throw away the entire NT codebase and start from scratch would be the stupidest thing MS could ever do.

And now, Microsoft are no longer comparing their OS to *nix. It appears as though they are comparing their Vista OS to previous versions of Windows now. So sad.

Vista is a client OS, they haven't compared their client OSes to unix since NT 3.51 was released.

What are your feelings about this?

The same as they were in the last thread, you're confused about the real issues and just looking for attention.

 

[JonnyBlaze]

Want to show me where MS said it was going to be completely new code?

I heard that the next OS, Vienna is supposed to be new code.

 

[Smilin]

Originally posted by: Quinton McLeod
Based from the ANI exploit in Vista, it appears as though security experts agree that Vista was indeed NOT built entirely from the ground up like Microsoft said.

Show me where Microsoft ever said that Quinton.

 

[ebaycj]

Originally posted by: xtknight
Guess what? Every PC operating system will have that flaw. If you don't want them to, then get a new CPU with a different instruction set.

What flaw? The ANI flaw? If that's what you meant, you're completely wrong.

 

[stash]

Here's something about Vista that I bet our boy Q didn't know. The fix for the ani issue (MS07-017) actually fixes seven different issues. Of those:

* All seven affect Windows 2000
* Six affect Server 2003 SP2
* Six affect XP SP2
* Three affect Windows Vista

 

[nerp]

And it's also obvious that Quint has never actually read about Vista's development to any great extent.

 

[stash]

Originally posted by: nerp
And it's also obvious that Quint has never actually read about Vista's development to any great extent.

It's much harder to spew FUD when you do that.

 

[Quinton McLeod]

Originally posted by: Nothinman

Based from the ANI exploit in Vista, it appears as though security experts agree that Vista was indeed NOT built entirely from the ground up like Microsoft said.

MS never said the entire thing was written from the ground up. Large parts of it were rewritten (like the sound and video driver subsystems) but to throw away the entire NT codebase and start from scratch would be the stupidest thing MS could ever do.

And now, Microsoft are no longer comparing their OS to *nix. It appears as though they are comparing their Vista OS to previous versions of Windows now. So sad.

Vista is a client OS, they haven't compared their client OSes to unix since NT 3.51 was released.

What are your feelings about this?

The same as they were in the last thread, you're confused about the real issues and just looking for attention.

Why are you denying the facts when they are right in front of you?
They compared Vista to *nix when they said that their OS was more secure to Linux. Come on, dude. Now they are saying, "Whoops! It's actually more secure than Windows XP."


And according to Microsoft, Vista was built from the ground up.

Windows Vista is the first operating system built from the ground up with a focus on integration of the .NET Framework. The managed technologies in the newest version of the .NET Framework provide a robust platform for Windows development. Learn more by visiting the .NET Framework developer center.

http://msdn2.microsoft.com/en-us/windowsvista/aa904986.aspx


and

?Windows Vista was built from the ground up to simplify how people work together, find information, reduce IT costs, improve security and enable mobile environments,? said Shanen Boettcher, general manager of Windows Client Product Management at Microsoft. ?With the availability of these new tools, there is nothing holding back businesses from making the move to Windows Vista and immediately taking advantage of those benefits.?

https://www.microsoft.com/presspass/press/2007/feb07/02-20VistaDevToolsPR.mspx

Yet another example of Windows users avoiding and outright denying the facts.

 

[Pabster]

Oh look, our Linux troll is back.

Getting tired of Ubuntu already?

 

[fyleow]

..

 

[loup garou]

Originally posted by: Quinton McLeod
And according to Microsoft, Vista was built from the ground up.

Windows Vista is the first operating system built from the ground up with a focus on integration of the .NET Framework. The managed technologies in the newest version of the .NET Framework provide a robust platform for Windows development. Learn more by visiting the .NET Framework developer center.

http://msdn2.microsoft.com/en-us/windowsvista/aa904986.aspx


and

?Windows Vista was built from the ground up to simplify how people work together, find information, reduce IT costs, improve security and enable mobile environments,? said Shanen Boettcher, general manager of Windows Client Product Management at Microsoft. ?With the availability of these new tools, there is nothing holding back businesses from making the move to Windows Vista and immediately taking advantage of those benefits.?

<a target=_blank class=ftalternatingbarlinklarge href="https://www.microsoft.com/presspass/press/2007/feb07/02-20VistaDevToolsPR.mspx"><a target=_blank class=ftalternatingbarlinklarge href="https://www.microsoft.com/presspass/press/2007/feb07/02-20VistaDevToolsPR.mspx">https://www.microsoft.com/presspa.........eb07/02-20VistaDevToolsPR.mspx</a></a>

Yet another example of Windows users avoiding and outright denying the facts.

Wow, so not only are you a troll, but illiterate too! Congrats!

Someone needs to ban this fool.

 

[Smilin]

Originally posted by: Quinton McLeod

Windows Vista is the first operating system built from the ground up with a focus on integration of the .NET Framework. The managed technologies in the newest version of the .NET Framework provide a robust platform for Windows development. Learn more by visiting the .NET Framework developer center.

http://msdn2.microsoft.com/en-us/windowsvista/aa904986.aspx


Yet another example of Windows users avoiding and outright denying the facts.

ROFL OMG dude your reading comprehension sucks. (actually I know you're just trolling, nobody is this dumb) The parts of the OS that integrate with the .net framework may indeed be new. Vista is the first OS to ship with the new .net framework built in.

This in no way indicates the OS was built from scratch with no previous code. Try again.

Yet another example of Quinton being off in his own distorted reality where he thinks he's always right, people respect him, and actually want him on the Anandtech forums.

 

[Quinton McLeod]

Ahem

?Windows Vista was built from the ground up to simplify how people work together, find information, reduce IT costs, improve security and enable mobile environments,? said Shanen Boettcher, general manager of Windows Client Product Management at Microsoft.

lol

 

[Arkaign]

Quinton, a few things :

(A)- Anyone who believes Microsoft's marketing babble is an idiot. It's a fair shake that whoever wrote that Microsoft quote couldn't tell you the difference between DOS and a hole in the ground.

(B)- I don't like Vista very much, I don't think the 'improvements' are worth the hassles that we've seen so far. Even so, it seems like you have a weird penchant for slamming anything and everything Microsoft/Vista/etc. It's not very constructive in the end. I believe everyone here probably already knows your feelings on the subject at hand.

(C)- Stash, and many other people here, *DO* like Vista, and are almost always ready to lend a hand with knowledge or other assistance when asked. It's a bit asinine to get into nit-picking arguments like this in this environment. A more constructive effort might be to write a post regarding migrating from XP to Ubuntu instead of XP to Vista. Just an idea.

 

[loup garou]

Ahem

Originally posted by: Quinton McLeod
Ahem

?Windows Vista was built from the ground up to simplify how people work together, find information, reduce IT costs, improve security and enable mobile environments,? said Shanen Boettcher, general manager of Windows Client Product Management at Microsoft.

lol

DIAF

 

[Quinton McLeod]

Originally posted by: Arkaign
Quinton, a few things :

(A)- Anyone who believes Microsoft's marketing babble is an idiot. It's a fair shake that whoever wrote that Microsoft quote couldn't tell you the difference between DOS and a hole in the ground.

(B)- I don't like Vista very much, I don't think the 'improvements' are worth the hassles that we've seen so far. Even so, it seems like you have a weird penchant for slamming anything and everything Microsoft/Vista/etc. It's not very constructive in the end. I believe everyone here probably already knows your feelings on the subject at hand.

(C)- Stash, and many other people here, *DO* like Vista, and are almost always ready to lend a hand with knowledge or other assistance when asked. It's a bit asinine to get into nit-picking arguments like this in this environment. A more constructive effort might be to write a post regarding migrating from XP to Ubuntu instead of XP to Vista. Just an idea.

a) I agree with you. Which is the point of my thread ;-) . Microsoft lies and gives misinformation about the integrity and well being of their OS. That was the point I was trying to make.

b) I haven't bashed anything else Microsoft has made except Vista. Don't believe me? Do a search for every post I've made.

C) Understandable. However, no one points out vulnerabilities here. It's always nice to get posts concerning current events for OSes.

 

[Quinton McLeod]

Originally posted by: loup garou
Ahem

Originally posted by: Quinton McLeod
Ahem

?Windows Vista was built from the ground up to simplify how people work together, find information, reduce IT costs, improve security and enable mobile environments,? said Shanen Boettcher, general manager of Windows Client Product Management at Microsoft.

lol

DIAF

You complete avoided everything after the commas. Don't be a n00b. She described the entire use of an OS. She was talking about Vista as a whole.

 

[Smilin]

Originally posted by: Quinton McLeod
Ahem

?Windows Vista was built from the ground up to simplify how people work together, find information, reduce IT costs, improve security and enable mobile environments,? said Shanen Boettcher, general manager of Windows Client Product Management at Microsoft.

lol

Wow Quinton. Your genius has caused me to see the light! With my newfound brilliance...

I HAVE HEREBY DISCOVERED THAT LINUS TORVALDS DID NOT IN FACT WRITE THE LINUX KERNEL!!!

Yes, it's true. Apparently Linux was written by ion communications and engard linux, and dozens and dozens of other companies that show up when you throw the catch phrase "built from the ground up" through any popular search engine!

http://www.ion-comm.com/about_us.html

We've Built Embedded Linux Operating Systems from the ground up

http://www.engardelinux.org/doc/other/wmes-abstract/wmes-abstract.html

EnGarde Secure Linux is not just another "repackaged" Linux distribution, but a modern open source system built from the ground up to provide secure services in the threatening world of the modern Internet.

See, just look at those quotes! They built it from the ground up and didn't re-use any code whatsoever from someone else kernel!

 

[Smilin]

I'm going home now before this thread turns me stupid.



...damn, too late I've slobbered.

Blast you Quinton!

 

[loup garou]

Originally posted by: Quinton McLeod

Originally posted by: loup garou
Ahem

Originally posted by: Quinton McLeod
Ahem

?Windows Vista was built from the ground up to simplify how people work together, find information, reduce IT costs, improve security and enable mobile environments,? said Shanen Boettcher, general manager of Windows Client Product Management at Microsoft

lol

DIAF

You complete avoided everything after the commas. Don't be a n00b. She described the entire use of an OS. She was talking about Vista as a whole.

Better?

Probably not, but don't worry, everyone will just laugh at your stupidity anyways.

 

[erikistired]

Originally posted by: Quinton McLeod
Ahem

?Windows Vista was built from the ground up to simplify how people work together, find information, reduce IT costs, improve security and enable mobile environments,? said Shanen Boettcher, general manager of Windows Client Product Management at Microsoft.

lol

nobody is this stupid. not even dave tries to pass bad reading comprehension off as fact.