[Previous entry: "WMF vulnerability is a backdoor?"] [Main Index] [Next entry: "RFID-proof wallet"]

01/14/2006 Archived Entry: "WMD backdoor not "critical""

Microsoft is denying that the WMF flaw is a deliberate backdoor...and some other security analysts agree. I'm keeping an open mind until someone gets to examine their source code.

Meanwhile, Microsoft insists this is not a "critical" flaw. The secret here is how Microsoft defines "critical": according to Gibson, "only if its exploitation could allow the propagation of an Internet worm without user action." (Emphasis added.)

In other words, according to Microsoft, if you innocently open an email -- or visit a web page -- and the simple act of doing so causes a virus to load which infects your computer, emails itself to all your friends, steals all your passwords, disables your CD-ROM drive, erases all third-party software, deletes your "My Documents" folder, emails a continuous stream of neo-Nazi spam, and starts a Denial of Service attack on microsoft.com, why, that's not critical. That's merely an "important" flaw. Because you had to take some action -- like clicking a link -- to start the process.

I grant that vulnerabilities which propagate without user intervention pose a greater threat to the Internet -- think of Slammer, Code Red, and Nimda -- but in my opinion Microsoft is pulling a bit of a con by labelling flaws which can steal your identity and reduce your computer to junk less than "critical".

Remember that when you hear Microsoft crowing about how few "critical" Windows vulnerabilities turned up in any given month.  —brad