http://www.computerworld.com/s/article/9248265/Hackers_now_crave_patches_and_Microsoft_s_giving_them_just_what_they_want?taxonomyId=17



Hackers now crave patches, and Microsoft's giving them just what they want

At least one of next Tuesday's updates looks like an excellent candidate to
hackers as they sniff for bugs in the now-retired Windows XP

*By Gregg Keizer
<http://www.computerworld.com/s/author/9000163/Gregg+Keizer>*

May 11, 2014 08:31 AM ET



Computerworld - Hackers will have at least one, perhaps as many as four,
patches next week to investigate as they search for unfixed flaws in
Windows XP, the 13-year-old operating system that Microsoft retired from
support April 8.

"Come Tuesday, Microsoft will be patching some vulnerabilities in Windows,
and it is realistic to assume that at least one of these will also affect
Windows XP," said Kasper Lindgaard, director of research and security at
Secunia, in an email Friday. "Generally speaking, newly discovered
vulnerabilities in XP will be unpatchable for private users, and therefore
we will see a rise in attacks."

On May 13, Microsoft's regularly-scheduled monthly Patch Tuesday, the
Redmond, Wash. company will issue eight security
updates<http://www.computerworld.com/s/article/9248207/Tick_tock_Windows_8.1_users_face_patch_ban_as_Microsoft_sets_next_week_s_updates>for
its software. But because it has stopped providing updates to owners
of
Windows XP PCs, those customers will not see any of the eight.

Hackers looking for vulnerabilities in Windows XP will be using the patches
to find vulnerabilities in XP, Microsoft and security experts have said. By
conducting before- and after-patch code comparisons, attackers may be able
to figure out where a vulnerability lies in Windows 7 -- which *will* be
patched -- then sniff around the same part of XP's code until they discover
the bug there. From that point, it will be relatively straight forward for
them to craft an exploit and use it against unprotected XP PCs.

More on Windows<http://www.computerworld.com/s/topic/125/Windows?source=toc>
[image:
http://www.computerworld.com/common/images/common/arrow_blue_right.gif]

"Patches to the other Windows operating systems will be reverse engineered
by hackers, seeking to discover which vulnerabilities were fixed by
Microsoft, and if applicable, modified to work against Windows XP,"
Lindgaard said.

He's not the only one who believes hackers will leverage updates to find
unpatched bugs in XP. So does Microsoft.

"After April [2014], when we release monthly security updates for supported
versions of Windows, attackers will try and reverse engineer them to
identify any vulnerabilities that also exist in Windows XP," said Dustin
Childs, director of Microsoft's Trustworthy Computing group, last
October<http://www.computerworld.com/s/article/9243660/Windows_XP_infection_rate_may_jump_66_after_patches_end_in_April>.
"If they succeed, attackers will have the capability to develop exploit
code to take advantage of them."

Four of the eight scheduled security updates that Microsoft plans to ship
next week look like candidates for hackers because they will affect all
client versions of Windows, including Windows Vista, Windows 7, Windows 8
and Windows 8.1. Before Microsoft stopped pushing patches to XP, it was
rare for an update to fix one or more newer editions of Windows, but
*not*patch XP at the same time.

One of the four will impact all instances of IE, so there's a very high
chance that that update would have patched the pertinent editions of the
browser -- IE6, IE7 and IE8 -- on Windows XP if Microsoft had continued
updating the old OS. The upcoming fix for IE was rated "critical,"
Microsoft's highest threat warning, and was also tagged with the phrase
"remote code execution" in last week's advance
notification<https://technet.microsoft.com/en-us/library/security/ms14-may.aspx>,
meaning that if successfully exploited, attackers could hijack the PC and
plant malware on its drive.

Two of the remaining three updates also strongly hint at XP
vulnerabilities, albeit less threatening ones, since they will apply not
only to the newer client editions, like Windows 7 and 8, but also to the
still-supported Windows Server 2003, which has a considerable amount of
code in common with XP.

The only good news, said Secunia last week, was that Windows XP's
retirement triggered a sharp decline in its share of U.S. PC operating
systems. In the three weeks after April 8, XP's share dropped nearly 17%,
said the Danish security company.

The decline of one percentage point each week took Windows XP from an 18%
share before retirement to 15% for the week April 23-29. The three-point
drop represented one-sixth, or 16.7%, of the original 18% share.

More on Windows<http://www.computerworld.com/s/topic/125/Windows?source=toc>
[image:
http://www.computerworld.com/common/images/common/arrow_blue_right.gif]

Secunia measured operating system share by tallying the machines that
accessed its patch management tools, including the free Personal Software
Inspector <http://secunia.com/vulnerability_scanning/personal/> (PSI), a
utility that identifies out-of-date Windows applications and add-ons, then
delivers security updates.

Other measurements of Windows XP, including a global estimate by Net
Applications earlier this month, pegged Windows XP's presence considerably
higher, mostly because huge numbers of Chinese computers still run the OS.
Net Applications reported that XP powered about
26%<http://www.computerworld.com/s/article/9248051/XP_s_retirement_triggers_another_wave_of_deserters>of
all desktop and notebook personal computers in April.

StatCounter, an Irish analytics company, said that XP's share in the U.S.
averaged 13% last month, a drop from 15% the month prior.

Secunia's numbers imply that the demise of patch support for Windows XP has
prompted a significant portion of American die-hards to finally discard the
operating system, presumably replacing it with Windows 7, 8 or 8.1, or in
some instances, with a Mac or another type of computing device, such as a
tablet.




__._,_.___


 Visit Your 
Group<https://groups.yahoo.com/neo/groups/grendelreport/info;_ylc=X3oDMTJmaDd2Mm04BF9TAzk3MzU5NzE0BGdycElkAzIwMTk0ODA2BGdycHNwSWQDMTcwNTMyMzY2NwRzZWMDdnRsBHNsawN2Z2hwBHN0aW1lAzEzOTk5MjEzODg->

   - New 
Members<https://groups.yahoo.com/neo/groups/grendelreport/members/all;_ylc=X3oDMTJnNGNsaHBiBF9TAzk3MzU5NzE0BGdycElkAzIwMTk0ODA2BGdycHNwSWQDMTcwNTMyMzY2NwRzZWMDdnRsBHNsawN2bWJycwRzdGltZQMxMzk5OTIxMzg4>
   2

 [image: Yahoo!
Groups]<https://groups.yahoo.com/neo;_ylc=X3oDMTJlZm1qaHEzBF9TAzk3NDc2NTkwBGdycElkAzIwMTk0ODA2BGdycHNwSWQDMTcwNTMyMzY2NwRzZWMDZnRyBHNsawNnZnAEc3RpbWUDMTM5OTkyMTM4OA-->
• Privacy <https://info.yahoo.com/privacy/us/yahoo/groups/details.html> •
Unsubscribe <[email protected]?subject=Unsubscribe>•
Terms
of Use <https://info.yahoo.com/legal/us/yahoo/utos/terms/>

__,_._,___

-- 
-- 
Thanks for being part of "PoliticalForum" at Google Groups.
For options & help see http://groups.google.com/group/PoliticalForum

* Visit our other community at http://www.PoliticalForum.com/  
* It's active and moderated. Register and vote in our polls. 
* Read the latest breaking news, and more.

--- 
You received this message because you are subscribed to the Google Groups 
"PoliticalForum" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to