SyntaXmasteR
03-31-2006, 02:25 PM
Did Microsoft deliberately RootKit everyones computer to allow spying by the NSA, CIA and FBI ?
Steve Gibson explores the WMF vulnerability Code found in the WMF vulnerability indicates a backdoor was deliberately placed there...
-- from the folks at Gibsons Research
The story as we understand it so far is this : Steve Gibson was curious about why Microsoft was not releasing a patch for the earlier versions of Windows to remedy the WMF vulnerability. MS had stated in their ********* Bulletin that they saw no need to patch the older Windows operating system because the WMF 'vulnerability' didn't affect those OS's. Steve wanted to check this out and did a little research on the patch issued by MS, visited the hacker web sites that explained how to exploit the vulnerability and with a few test machines configured with the older OS's he found that he could not find a way to trigger the vulnerability. At this point his findings agreed with MS. .
On further examination of the recent versions of the Microsoft operating systems, Steve found that there was a function call in the Microsoft code that had absolutely nothing to do with the graphics. It in fact was more closely related to a function call for stopping a printing job. On even closer examination it was found that by submitting the digit of " * " to this function call you were able to a remote code execution - better known as a 'backdoor'.
Steve is playing down any direct accusations at whether Microsoft had intentionally put this 'backdoor' into all the latter versions of the Microsoft operating systems. Theories from begun to surface from some security pundits that s***est Microsoft may have 'deliberately' placed this backdoor in their code as a means of allowing the NSA, CIA or FBI or just about any law enforcement agency to gain full access to ANY computer on the Internet running these latter versions of the Microsoft operating system.
Also being s***ested by some pundits is the theory that one of the Microsoft 'code serfs' may have planted this code for purely innocent purposes during the code development stages ( and it simply was forgotten about ) or that it was put in there deliberately by one of the MS code slaves for a more malicious purpose.
Either way... Steve has now opened a tempest of questions that will now need to be resolved. You can't simply raise the spectre of global spying and hidden rootkits planted by Microsoft without either proving or disproving the allegation. If you cannot trust Microsoft than what can you do ? And if there was 'one' hidden rootkit than what is there to say that there is not a 'second' or 'third' fail safe hidden rootkit - as a safeguard should one be discovered or exposed ? With the recently revealed 'deliberately installed rootkits' found in Sony DVD products, and now the latest allegations that Symantec and Kaspersky have also been planting rootkits in their products, it leaves you to wonder if this is all just a little too coincidental..
Steve Gibson explores the WMF vulnerability Code found in the WMF vulnerability indicates a backdoor was deliberately placed there...
-- from the folks at Gibsons Research
The story as we understand it so far is this : Steve Gibson was curious about why Microsoft was not releasing a patch for the earlier versions of Windows to remedy the WMF vulnerability. MS had stated in their ********* Bulletin that they saw no need to patch the older Windows operating system because the WMF 'vulnerability' didn't affect those OS's. Steve wanted to check this out and did a little research on the patch issued by MS, visited the hacker web sites that explained how to exploit the vulnerability and with a few test machines configured with the older OS's he found that he could not find a way to trigger the vulnerability. At this point his findings agreed with MS. .
On further examination of the recent versions of the Microsoft operating systems, Steve found that there was a function call in the Microsoft code that had absolutely nothing to do with the graphics. It in fact was more closely related to a function call for stopping a printing job. On even closer examination it was found that by submitting the digit of " * " to this function call you were able to a remote code execution - better known as a 'backdoor'.
Steve is playing down any direct accusations at whether Microsoft had intentionally put this 'backdoor' into all the latter versions of the Microsoft operating systems. Theories from begun to surface from some security pundits that s***est Microsoft may have 'deliberately' placed this backdoor in their code as a means of allowing the NSA, CIA or FBI or just about any law enforcement agency to gain full access to ANY computer on the Internet running these latter versions of the Microsoft operating system.
Also being s***ested by some pundits is the theory that one of the Microsoft 'code serfs' may have planted this code for purely innocent purposes during the code development stages ( and it simply was forgotten about ) or that it was put in there deliberately by one of the MS code slaves for a more malicious purpose.
Either way... Steve has now opened a tempest of questions that will now need to be resolved. You can't simply raise the spectre of global spying and hidden rootkits planted by Microsoft without either proving or disproving the allegation. If you cannot trust Microsoft than what can you do ? And if there was 'one' hidden rootkit than what is there to say that there is not a 'second' or 'third' fail safe hidden rootkit - as a safeguard should one be discovered or exposed ? With the recently revealed 'deliberately installed rootkits' found in Sony DVD products, and now the latest allegations that Symantec and Kaspersky have also been planting rootkits in their products, it leaves you to wonder if this is all just a little too coincidental..