Re: Microsoft Says Parts of Source Code Were Leaked (Two messages)

[InfoSec News <isn () c4i org>]

Forwarded from: Russell Coker <russell () coker com au>

On Sat, 14 Feb 2004 01:20, InfoSec News <isn () c4i org> wrote:
> Forwarded from: William Knowles <wk () c4i org>
>
> http://www.washingtonpost.com/wp-dyn/articles/A38314-2004Feb12.html
>
> By Brian Krebs
> Special to The Washington Post
> Friday, February 13, 2004
>
> Computer security experts said the release of Windows source code
> could pose a threat to Internet security, depending on what portion
> of the code was leaked.
>
> A leak of any portion "could dramatically increase the probability
> that new zero-day vulnerabilities will be found," said Alan Paller,
> director of research at the SANS Institute, a security training
> group based in Bethesda.

[...]

> But even a partial leak "is a potentially very serious problem for
> Microsoft," Larholm said. "Just look at the vulnerabilities that are
> discovered by people who didn't have access to the source code."
>
> Howard Schmidt, former head of security at Microsoft, said he was
> less concerned about the security implications of the leak than its
> potential threat to Microsoft's intellectual property.

http://www.linuxworld.com/story/34878.htm

Rumor has it that the section of code in question is that which was
shipped to several governments for the purposes of checking the
security.  The above URL is one of many news articles on that topic.  
It will be very interesting to find out whether this rumor is correct.  
Has a government broken their license agreement?  Or has the Microsoft
network been cracked again?

If a government, then which one?  Surely MS sent slightly different
sections of code to each government licensee so they will know who
leaked it...

If the security of Windows systems is seriously threatened by such
code release then it should never have been released to the Chinese
government. NB Running a Falun Gong web server on NT might be
particularly risky now.

If the leak of the software is a risk to Microsoft intellectual
property then why would they give it to the Chinese government?  
China does not have a good record concerning intellectual property...

Here is the URL to information on the last time a crack of Microsoft's
network was publicised: http://zdnet.com.com/2100-11-525083.html?legacy=zdnn

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page



-=-



Forwarded from: Chad W. Didier <cdidier () cdsupportservices com>

Hmmm, sounds like a perfect pretense for those customers using NT 4.0
and 2000 to upgrade to MS' latest greatest. Considering MS' business
tactics it isn't a far stretch of the imagination to consider the
possibility of an inhouse leak for just that very purpose. They've
discussed zero day threats which could have crippling effects on a
business that must wait for a patch one or more days. So far, to my
knowledge, no zero day threat has materialized. But, now with this
timely leak of source code conveniently only effecting older platforms
the argument to upgrade is made all but irresistable. A business well
entrenched in the Microsoft paradigm, even in light of MS' failings,
would find itself unable to switch over to more robust platforms. One
or two instances of a zero day exploit bringing ill prepared
businesses to their knees should work well to convince the rest it is
time to upgrade. Anyone know if Microsoft's sales are down for the
year? ;)


-----Original Message-----
From: owner-isn () attrition org [mailto:owner-isn () attrition org] On 
Behalf
Of InfoSec News
Sent: Friday, February 13, 2004 9:21 AM
To: isn () attrition org
Subject: [ISN] Microsoft Says Parts of Source Code Were Leaked 


Forwarded from: William Knowles <wk () c4i org>

http://www.washingtonpost.com/wp-dyn/articles/A38314-2004Feb12.html

By Brian Krebs
Special to The Washington Post
Friday, February 13, 2004

Microsoft Corp. last night confirmed that portions of the source code 
for two versions of its Windows operating system have leaked onto the 
Internet, a security breach that could give hackers important 
intelligence about how to exploit flaws in software run by many of the 
world's computers.

"Today we became aware that incomplete portions of Windows 2000 and NT 
4.0 source code was illegally made available on the Internet," 
Microsoft spokesman Tom Pilla said. "It's illegal for third parties to 
post Microsoft source code and we take that activity very seriously."

Pilla said the company does not know how much of the code was 
compromised, but he said Microsoft believes it was not a complete 
version of either operating system. There was no indication of a 
breach in Microsoft's internal network, Pilla said. He said the FBI is 
investigating.

Windows 2000 and NT are widely deployed in business networks; less so 
on home computers.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.