funsec mailing list archives

Re: Black screen


From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Fri, 04 Dec 2009 10:44:46 +1300

Robert Slade wrote:

Microsoft has announced, today, that they have absolutely no idea
what the problem is, but it is *not* *their* *fault*. 

As a news story, this started several days back:

   http://www.theregister.co.uk/2009/11/30/prevx_microsoft_black_screen/

   http://www.theregister.co.uk/2009/12/02/black_screen_u_turn/

but the actual story started about a week ago:

   http://www.prevx.com/blog/140/Black-Screen-woes-could-affect-millions-on-Windows--Vista-and-XP.html

Prevx has since withdrawn its claims that the MS updates mentioned in 
that article are implicated at all:

   http://www.prevx.com/blog/141/Windows-Black-Screen-Root-Cause.html

...and it seems all the fuss is due to one part of Windows expecting 
that a (or "some" or "all" -- not quite clear) REG_SZ strings will be 
null-terminated as stored in the registry (or, at least, as output by 
standard registry query API calls), and the fact that the registry 
value setting API calls do not enforce null-termination of said REG_SZ 
string values.

Oh, and MS has known about this for a long time...

At a minimum, read the second Prevx item linked above for some of the 
juicy technical details.  It seems that SysInternals, among others, 
discovered the root cause of this problem several years ago.



Regards,

Nick FitzGerald


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
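
A defensive way to consume a REG_SZ value of the kind discussed in the message above, added here as an example that is not part of the original post or of any Microsoft or Prevx code: it treats the returned byte count as authoritative and always produces a NUL-terminated copy. The function names and sample buffers are hypothetical, and a plain byte buffer stands in for what a registry query returns so the code runs without Windows.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helpers. "data" and "cb" stand in for the bytes and byte
 * count a registry query returns for a REG_SZ value (16-bit code units). */

/* Return 1 if the cb-byte value ends in a complete 16-bit NUL, else 0. */
int regsz_is_terminated(const void *data, size_t cb)
{
    uint16_t last;
    if (cb < sizeof last || cb % sizeof last != 0)
        return 0;
    memcpy(&last, (const unsigned char *)data + cb - sizeof last, sizeof last);
    return last == 0;
}

/* Copy the value into a fresh buffer that is always NUL-terminated. Stops at
 * the first NUL or at cb, whichever comes first; a trailing odd byte is
 * dropped. Caller frees the result. Returns NULL on allocation failure. */
uint16_t *regsz_dup_terminated(const void *data, size_t cb, size_t *out_len)
{
    size_t units = cb / sizeof(uint16_t), len = 0;
    const unsigned char *p = data;
    uint16_t ch, *copy;

    while (len < units) {               /* never read past the reported size */
        memcpy(&ch, p + len * sizeof ch, sizeof ch);
        if (ch == 0) break;
        len++;
    }
    copy = calloc(len + 1, sizeof *copy);   /* zero-filled: terminator included */
    if (copy == NULL) return NULL;
    if (len) memcpy(copy, p, len * sizeof *copy);
    if (out_len) *out_len = len;
    return copy;
}

/* Constructed sample data: "ab" stored without and with a terminator. */
static const uint16_t SAMPLE_RAW[]  = { 'a', 'b' };
static const uint16_t SAMPLE_TERM[] = { 'a', 'b', 0 };

int main(void)
{
    size_t n = 0;
    uint16_t *s = regsz_dup_terminated(SAMPLE_RAW, sizeof SAMPLE_RAW, &n);
    printf("terminated=%d len=%zu\n", regsz_is_terminated(SAMPLE_RAW, sizeof SAMPLE_RAW), n);
    free(s);
    return 0;
}
```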