Zero-Day Windows exploit "AtomBombing"


Zero-Day Windows exploit "AtomBombing"

Post by Schultz »

I just read this article, link below. I'm not even going to try to explain it, as it's mostly over my head. If what this article reports is true, it seems we are in for some bad times. One person who commented asked about all the ATMs running Windows . . . I wonder if from now on I'm just going to have to go inside the bank to get cash. But another comment said this: "That smells like overblown sensationalism . . . ." So to all the computer experts who frequent this forum, is this something we all have to worry about, or is it just "sensationalism"?

http://www.ghacks.net/2016/10/29/atombo ... s-exploit/

Re: Zero-Day Windows exploit "AtomBombing"

Post by deepakdeshp »

If this is true, are all the Windows systems doomed, as there cannot be any antivirus for these?
To counter this, does MS have to change the design of the systems? Let's wait for a statement from MS.
If I have helped you solve a problem, please add [SOLVED] to your first post title, it helps other users looking for help.
Regards,
Deepak

Mint 21.1 Cinnamon 64 bit with AMD A6 / 8GB
Mint 21.1 Cinnamon AMD Ryzen3500U/8gb

Re: Zero-Day Windows exploit "AtomBombing"

Post by Portreve »

I guess a good question to also be raised is, "How do other operating systems, such as GNU+Linux, GNU+Linux-based Android OS, iOS, and Mac OS X, handle this sort of basic operating system functionality?" I'm not necessarily saying it's identical, but obviously there's a chance that there's a different-but-equivalent way these OSs handle it, and that in principle could be exploited as well.

On the other hand, if other OS makers have a better, not exploitable way of doing this, then this should be proclaimed loudly from the hills.
Flying this flag in support of freedom 🇺🇦

Recommended keyboard layout: English (intl., with AltGR dead keys)

Podcasts: Linux Unplugged, Destination Linux

Also check out Thor Hartmannsson's Linux Tips YouTube Channel

Re: Zero-Day Windows exploit "AtomBombing"

Post by BigEasy »

Schultz wrote: I just read this article, link below. I'm not even going to try to explain it, as it's mostly over my head. If what this article reports is true, it seems we are in for some bad times.
1. There is a virus, trojan.
1.1. Microsoft is never able to patch malicious code execution. Malicious code is not different from the good code.
2. Fight against viruses, trojans is deal of antivirus software.
3. A zero-day virus is a virus not detected before today.
4. Antivirus softwares will fight tomorrow.

So, take it easy.
Windows assumes I'm stupid but Linux demands proof of it

Re: Zero-Day Windows exploit "AtomBombing"

Post by millpond »

https://breakingmalware.com/injection-t ... r-windows/

This is about as big as it gets.

And I do not for one second believe that this exploit is *new*. For a long time there have been some rumblings about boogers latching on to Win services. And defying any and all scanners and heuristics.

You might be able to tailor heuristics for it now, but there would likely be a lot of false positives, especially from Win itself, which would be using undocumented system calls.

Think about it. What better way to deprecate the Win desktop and march people into the cloud than proving that all their machines are irreversibly infected.

Or for that matter bring the unwashed masses flooding into Linux, where they can safely use their Win programs on VMs or running on Wine. (Or so they would tend to believe).

Recently all three of my Win boxes have slowed to a snail pace, with me having to do a hard shut down on *all* of them.
I assume that this came from some stupid online garbage site from the local community college, where wife needed to allow boogers in - against warnings - to take quizzes.

Explorer taking up to around 600Mb, thrashing the disk, as well as svchost acting oddly. I know how to hunt boogers. But this is like hunting ghosts.

Fortunately 2 of the 3 machines boot into Linux. Soon to be 3 of 3.

Hopefully some greybeard will pop in with some ideas.
Especially as while those system calls cannot affect Linux, they can presumably affect programs in Wine.

Best advice from this end: No online banking or entering of credit card #'s on any Win machines or M$ programs under any platform.

And don't keep any valuable data in any 'Active Directories'.

Now with the big 'secret' out, every script kiddie in this quadrant of the galaxy will be using it - and only a matter of time where they truly get to the malicious stage (right now it's stealing financial info...).

Re: Zero-Day Windows exploit "AtomBombing"

Post by AscLinux »

2. Fight against viruses, trojans is deal of antivirus software.
What nonsense. Not long ago, leading anti-virus software companies admitted about one third of viruses go undetected. Anti-virus is the second line of defense. The first line is a strong OS without thousands of security holes - something MS Windows is not.
Master Foo Discourses on GUI.
First Linux 1997. Last Windows 2004.

Re: Zero-Day Windows exploit "AtomBombing"

Post by Dr G »

Schultz wrote:I just read this article, link below. I'm not even going to try to explain it, as it's mostly over my head. If what this article reports is true, it seems we are in for some bad times. One person who commented asked about all the ATMs running Windows . . . I wonder if from now on I'm just going to have to go inside the bank to get cash. But another comment said this: "That smells like overblown sensationalism . . . ." So to all the computer experts who frequent this forum, is this something we all have to worry about, or is it just "sensationalism"?

http://www.ghacks.net/2016/10/29/atombo ... s-exploit/
The brief summary, "Windows is insecure, by design."

Knowledgeable Linux supporters have warned us of this reality for years. Yet their warnings are often lost in a cacophony of pro-windows blather. Security is, after all, hard. Even Linux supporters must be vigilant.

Re: Zero-Day Windows exploit "AtomBombing"

Post by Habitual »

BigEasy wrote:4. Antivirus softwares will fight tomorrow.
I have to call BS here.
Most of you are blowing smoke and spreading FUD.
Lose the ATMs or overhaul the structure.

I for one am tired of speculation.
Fear and ignorance are the enemies here.
But A/V will 'fight' anything is laughable (nothing personal)

And my toaster can scan for viruses, but it, like ClamAV,
it doesn't clean anything.
</personal_opinion>

Re: Zero-Day Windows exploit "AtomBombing"

Post by millpond »

Dr G wrote:
Schultz wrote:I just read this article, link below. I'm not even going to try to explain it, as it's mostly over my head. If what this article reports is true, it seems we are in for some bad times. One person who commented asked about all the ATMs running Windows . . . I wonder if from now on I'm just going to have to go inside the bank to get cash. But another comment said this: "That smells like overblown sensationalism . . . ." So to all the computer experts who frequent this forum, is this something we all have to worry about, or is it just "sensationalism"?

http://www.ghacks.net/2016/10/29/atombo ... s-exploit/
The brief summary, "Windows is insecure, by design."

Knowledgeable Linux supporters have warned us of this reality for years. Yet their warnings are often lost in a cacophony of pro-windows blather. Security is, after all, hard. Even Linux supporters must be vigilant.
The fact that the Win Firewall was software reprogrammable told me everything I needed to know.

Turned off security center, updates, UAC on newer garbage - all smoke and mirrors to hide the fact that since Win is *by design* as leaky as a screen door on a submarine, any and all security MUST come from *outside* M$.

Mainly hardware firewalls, checking running services, a good software firewall - and fully armored browsers.

The latter did me in here, as I was forced to lower shields, to let in some stoooooopid school boogers.
Nary a word from the Comodo firewall, though.....

Re: Zero-Day Windows exploit "AtomBombing"

Post by BigEasy »

AscLinux wrote: First line is a strong OS without thousands of security holes - something MS Windows is not.
No. The first line (if not the single one) exists between keyboard and chair. Hands up, please, who is working in Windows under User (not Administrator) privileges.
Well. Not many hands visible. So, what are we talking about after that? How does this relate to Windows?

Re: Zero-Day Windows exploit "AtomBombing"

Post by AscLinux »

BigEasy wrote:
AscLinux wrote: First line is a strong OS without thousands of security holes - something MS Windows is not.
No. The first line (if not the single one) exists between keyboard and chair. Hands up, please, who is working in Windows under User (not Administrator) privileges.
Well. Not many hands visible. So, what are we talking about after that? How does this relate to Windows?
Nope. You can take all precautions in Windows and still get infected. This is how crappy this OS is. Cars without brakes and malfunctioning steering are illegal on public highways. Why is MS Windows allowed to connect to the internet? It is clearly not strong enough for internet connection. When facing the net directly (without a NAT router), the break-in time is around a minute after being discovered.
Fighting DDoS attacks and other cyberthreats costs billions every year. Where do these attacks come from? Zombified Windows boxes!

Re: Zero-Day Windows exploit "AtomBombing"

Post by millpond »

It's amazing how much time and effort and money people spend on M$ security when there is none, and none possible for a system that defaults to remote desktop functions. Win is designed to give Redmond control over *your* desktop, not you.

But with the mediocre level of programming from M$, it's simple for any decent malware programmer to use those back doors to take over also.

Strong passwords, user accounts, UAC, AV, encryption, Win Firewall - all lipstick on a pig and totally useless.

In fairness they did work on some of the older toolkits handed out for free on the Darknet, which relied on RATS creating their own programs to phone home with (even to the point of installing OpenVPN in one case), and some of the older encryptor signatures would be discovered over time. But it's not the way things work now. As soon as the encryptors are discovered, they are changed. And the payloads are now publicly available as Win system calls.

The only light I see at the end of the Win tunnel is the Russkies throwing a research institute behind ReactOS. They've already given it 'official' support.

Re: Zero-Day Windows exploit "AtomBombing"

Post by Portreve »

Is this the thing that Google outed Microsoft on in one of their posts?

Re: Zero-Day Windows exploit "AtomBombing"

Post by millpond »

Portreve wrote: Is this the thing that Google outed Microsoft on in one of their posts?
Not sure where the original outing came from, I was under the impression it was Israeli. Could be wrong.

Makes sense for Google though. It had the motive - to get people to switch to its operating system.

Android on a desktop?

Re: Zero-Day Windows exploit "AtomBombing"

Post by TooMuchTime »

This isn't just a banking/financial problem. If this is true, what about health care providers that use Windows on their desktops? This would mean the privacy of 99% of all medical records is threatened. I know because it's what I do for a living. YOU and I may be smart enough to stop using Windows but if your doctor or dentist still does, you have no say in the matter of the safety of your medical records. All because Microsoft refuses to publicly acknowledge the flawed nature of their operating system.

In an earlier thread I said that Microsoft will not rewrite Windows. That would be tantamount to an admission and confession that Windows is as leaky as a colander. Do you think they are likely to admit anything now? They'll just claim there is a way to "patch" this. Nothing to see here; move along.

I am reminded of someone rearranging the deck chairs on the Titanic.

Re: Zero-Day Windows exploit "AtomBombing"

Post by BigEasy »

AscLinux wrote: Nope. You can take all precautions in Windows and still get infected.
No. If you take all precautions in Windows you will never be infected. But people never do even elementary things.
AscLinux wrote: When facing the net directly (without a NAT router), the break-in time is around a minute after being discovered.
Not true and not even close. I have an internet connection directly to my computer network card. No NAT, just DIRECT connection for many years. No problem.
AscLinux wrote: Fighting DDoS attacks and other cyberthreats costs billions every year. Where do these attacks come from? Zombified Windows boxes!
Zombified users of Windows boxes.

Re: Zero-Day Windows exploit "AtomBombing"

Post by Fred Barclay »

BigEasy wrote: No. If you take all precautions in Windows you will never be infected.
Not if the rumours of backdoors in Windows are true.
"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy."
- Albert Einstein

Re: Zero-Day Windows exploit "AtomBombing"

Post by AscLinux »

BigEasy wrote:
AscLinux wrote: Nope. You can take all precautions in Windows and still get infected.
No. If you take all precautions in Windows you will never be infected. But people never do even elementary things.
AscLinux wrote: When facing the net directly (without a NAT router), the break-in time is around a minute after being discovered.
Not true and not even close. I have an internet connection directly to my computer network card. No NAT, just DIRECT connection for many years. No problem.
AscLinux wrote: Fighting DDoS attacks and other cyberthreats costs billions every year. Where do these attacks come from? Zombified Windows boxes!
Zombified users of Windows boxes.
^^ This, ladies and germs, qualifies as BS. Although I respect your right to your own opinions, no matter how blatantly they fly in the face of logic and reality, I will be no part of this discussion from now on.

Re: Zero-Day Windows exploit "AtomBombing"

Post by millpond »

Fred Barclay wrote:
BigEasy wrote: No. If you take all precautions in Windows you will never be infected.
Not if the rumours of backdoors in Windows are true.

http://www.computerworld.com/article/25 ... pdate.html

And this is *OLD* news!

Re: Zero-Day Windows exploit "AtomBombing"

Post by BigEasy »

So what? Can I remind you of the case of the faked Linux Mint installation that took place right here? It was simple as hell compared to Microsoft's.
AscLinux wrote:^^ This, ladies and germs, qualifies as BS. Although I respect your right to your own opinions, no matter how blatantly they fly in the face of logic and reality
Same from me to you. This, ladies and germs, qualifies as BS. Although I respect your right to your own opinions, no matter how blatantly they fly in the face of logic and reality.