Channel

Google reveals bug Microsoft says is mere gnat

Chocolate Factory says Redmond can't be bothered fixing hard-to-exploit flaw

Darren Pauli Tue 20 Jan 2015 // 23:28 UTC

Google has reported a local file flaw affecting Windows 7 and 8.1 32 and 64 -bit systems in the third vulnerability dropped since a spat with Microsoft erupted last week.

The vulnerability that allowed a malicious Server Message Block version 2 server to force a client to open arbitrary local files was marked high severity by researcher James Forshaw and led to information disclosure but would not be patched by Microsoft.

"Microsoft have concluded that the issue does not meet the bar of a security bulletin," Foreshaw said in an advisory.

"They state that it would require too much control from the part of the attacker and they do not consider group policy settings as a security feature."

The new disclosure followed a Google bug notice issued last week affecting Windows 7 and 8.1 and leading similarly to information disclosure.

Google appears determined to continue revealing vulnerabilities on its 90-day schedule, despite that policy ruffling Redmond's feathers.

Google's Forshaw said the new flaw isn't easy to exploit, .

"[Exploitation] allows a malicious SMBv2 server to force a client to open arbitrary local files," Forshaw said.

"For example it might be possible to serve a HTML file from the share and use XMLHttpRequest to access local files through this vulnerability. Also even though mount points are supposed to only be used with directories once the buffer is in the object manager it doesn't make such a distinction, so this can be used to open files or directories." ®

Similar topics

Broader topics

Narrower topics

Corrections Send us news

Other stories you might like

Despite global uncertainty, $500m hit doesn't rattle Nvidia execs

CEO acknowledges impact of war, pandemic but says fundamentals ‘are really good’

Dylan Martin Fri 27 May 2022 // 16:08 UTC

Nvidia is expecting a $500 million hit to its global datacenter and consumer business in the second quarter due to COVID lockdowns in China and Russia's invasion of Ukraine. Despite those and other macroeconomic concerns, executives are still optimistic about future prospects.
"The full impact and duration of the war in Ukraine and COVID lockdowns in China is difficult to predict. However, the impact of our technology and our market opportunities remain unchanged," said Jensen Huang, Nvidia's CEO and co-founder, during the company's first-quarter earnings call.
Those two statements might sound a little contradictory, including to some investors, particularly following the stock selloff yesterday after concerns over Russia and China prompted Nvidia to issue lower-than-expected guidance for second-quarter revenue.

Continue reading
Another AI supercomputer from HPE: Champollion lands in France

That's the second in a week following similar system in Munich also aimed at researchers

Dan Robinson Fri 27 May 2022 // 15:30 UTC

HPE is lifting the lid on a new AI supercomputer – the second this week – aimed at building and training larger machine learning models to underpin research.
Based at HPE's Center of Excellence in Grenoble, France, the new supercomputer is to be named Champollion after the French scholar who made advances in deciphering Egyptian hieroglyphs in the 19th century. It was built in partnership with Nvidia using AMD-based Apollo computer nodes fitted with Nvidia's A100 GPUs.
Champollion brings together HPC and purpose-built AI technologies to train machine learning models at scale and unlock results faster, HPE said. HPE already provides HPC and AI resources from its Grenoble facilities for customers, and the broader research community to access, and said it plans to provide access to Champollion for scientists and engineers globally to accelerate testing of their AI models and research.

Continue reading
Workday nearly doubles losses as waves of deals pushed back

Figures disappoint analysts as SaaSy HR and finance application vendor navigates economic uncertainty

Lindsay Clark Fri 27 May 2022 // 14:30 UTC

HR and finance application vendor Workday's CEO, Aneel Bhusri, confirmed deal wins expected for the three-month period ending April 30 were being pushed back until later in 2022.
The SaaS company boss was speaking as Workday recorded an operating loss of $72.8 million in its first quarter [PDF] of fiscal '23, nearly double the $38.3 million loss recorded for the same period a year earlier. Workday also saw revenue increase to $1.43 billion in the period, up 22 percent year-on-year.
However, the company increased its revenue guidance for the full financial year. It said revenues would be between $5.537 billion and $5.557 billion, an increase of 22 percent on earlier estimates.

Continue reading

UK monopoly watchdog investigating Google's online advertising business

Another probe? Mountain View is starting to look like a pincushion at this rate

Richard Currie Fri 27 May 2022 // 14:00 UTC

The UK's Competition and Markets Authority is lining up yet another investigation into Google over its dominance of the digital advertising market.
This latest inquiry, announced Thursday, is the second major UK antitrust investigation into Google this year alone. In March this year the UK, together with the European Union, said it wished to examine Google's "Jedi Blue" agreement with Meta to allegedly favor the former's Open Bidding ads platform.
The news also follows proposals last week by a bipartisan group of US lawmakers to create legislation that could force Alphabet's Google, Meta's Facebook, and Amazon to divest portions of their ad businesses.

Continue reading
Microsoft slows some hiring for Windows, Teams, and Office

'Making sure the right resources are aligned to the right opportunity' ahead of next fiscal year

Richard Speed Fri 27 May 2022 // 13:31 UTC

Microsoft has hit the brakes on hiring in some key product areas as the company prepares for the next fiscal year and all that might bring.
According to reports in the Bloomberg, the unit that develops Windows, Office, and Teams is affected and while headcount remains expected to grow, new hires in that division must first be approved by bosses.
During a talk this week at JP Morgan's Technology, Media and Communications Conference, Rajesh Jha, executive VP for the Office Product Group, noted that within three years he expected approximately two-thirds of CIOs to standardize on Microsoft Teams. 1.4 billion PCs were running Windows. He also remarked: "We have lots of room here to grow the seats with Office 365."

Continue reading
Recession fears only stoking enterprise tech spending for Dell, others

Staving off entropy with digital transformation, hybrid office, and automation projects

Paul Kunert Fri 27 May 2022 // 13:00 UTC

Enterprises are still kitting out their workforce with the latest computers and refreshing their datacenter hardware despite a growing number of "uncertainties" in the world.
This is according to hardware tech bellwethers including Dell, which turned over $26.1 billion in sales for its Q1 of fiscal 2023 ended 29 April, a year-on-year increase of 16 percent.
"We are seeing a shift in spend from consumer and PCs to datacenter infrastructure," said Jeff Clarke, vice-chairman and co-chief operating officer. "IT demand is currently healthy," he added.

Continue reading

GitHub saved plaintext passwords of npm users in log files, post mortem reveals

Unrelated to the OAuth token attack, but still troubling as org reveals details of around 100,000 users were grabbed by the baddies

Richard Speed Fri 27 May 2022 // 12:15 UTC

GitHub has revealed it stored a "number of plaintext user credentials for the npm registry" in internal logs following the integration of the JavaScript package registry into GitHub's logging systems.
The information came to light when the company today published the results of its investigation into April's unrelated OAuth token theft attack, where it described how an attacker grabbed data including the details of approximately 100,000 npm users.
The code shack went on to assure users that the relevant log files had not been leaked in any data breach; that it had improved the log cleanup; and that it removed the logs in question "prior to the attack on npm."

Continue reading
This Windows malware uses PowerShell to inject malicious extension into Chrome

And that's a bit odd, says Red Canary

Jeff Burt Fri 27 May 2022 // 11:26 UTC

A strain of Windows uses PowerShell to add a malicious extension to a victim's Chrome browser for nefarious purposes. A macOS variant exists that uses Bash to achieve the same and also targets Safari.
The makers of the ChromeLoader software nasty ensure their malware is persistent once on a system and is difficult to find and remove, according to threat hunters at cybersecurity shop Red Canary, who have been tracking the strain since early February and have seen a flurry of recent activity.
"We first encountered this threat after detecting encoded PowerShell commands referencing a scheduled task called 'ChromeLoader' – and only later learned that we were catching ChromeLoader in the middle stage of its deployment," Aedan Russell, detection engineer at Red Canary, wrote in a blog post this week.

Continue reading
Spam is back with a vengeance. Luckily we can't read any of it

It's a shame still nothing can be done about all the false positives, though

Alistair Dabbs Fri 27 May 2022 // 10:44 UTC

Something for the Weekend WE BRING ENGLISH TO YOUR FEET! reads the email.
That's nice. I knew I was lacking something in the footwear department. A fine pair of bobby dazzlers, no doubt.
No, that can't be right. Let me run it through another translation app. Ah, how about this?

Continue reading
Clonezilla 3: Copy and clone disk images to your heart's content

Even non-sysadmins may find this Linux live ISO handy

Liam Proven in Prague Fri 27 May 2022 // 10:02 UTC

Clonezilla 3 is a new version of an (almost) universal disk-imaging and duplication tool which can copy, or image, almost any mass storage device.
Remember Norton Ghost? It was discontinued nearly a decade ago now, in 2013. There are lots of alternatives to it out there, including commercial ones, but Clonezilla is handy because it can handle almost any disk format, and it's totally free. Version 3 just appeared and it's got a bunch of new features, including support for Apple APFS, ChromeOS Flex, and Linux drives encrypted with LUKS.
Clonezilla is not a general-purpose tool, or a graphical live desktop for general disk work. If you want that, try SystemRescue 9, which we looked at earlier this year.

Continue reading
BOFH: Where do you think you are going with that toner cartridge?

Did that printer service person just sell you 10 overpriced boxes of the wrong paper?

Simon Travaglia Fri 27 May 2022 // 09:15 UTC

Episode 10 It is a great morning! The phone has not rung once (and not because the PFY has rebooted the phone server with a DBAN USB stick in it again), the aircon and security system are behaving, and outside the sun is shini-
"What's he doing here?" I ask the PFY.
"Who?" the PFY asks, getting up off his chair as he senses a hint of urgency in my tone. "What's who doing... SH*T!"

Continue reading

ABOUT US

MORE CONTENT

SITUATION PUBLISHING

The Register - Independent news and views for the tech community. Part of Situation Publishing

SIGN UP TO OUR DAILY NEWSLETTER

Security Scorecard

Biting the hand that feeds IT © 1998–2022

Do not sell my personal information Cookies Privacy Ts&Cs