Windows Bug From 1993 Still Causing Trouble for Microsoft

A change made to Windows in 1993 may have opened up a security hole that, surprisingly, remains unpatched today. The issue is unlikely to affect home users but could pose a risk to corporate networks.

The problem stems from Windows NT version 3.1, which was one of the first 32-bit operating systems. As with the recent development of 64-bit operating systems, this meant some compatibility problems with older software.

At the time, Microsoft added a feature known as a Virtual DOS (Disk Operating System) machine to run 16-bit applications on the system. The feature has been a fixture ever since and is even part of Windows 7, though not available in the 64-bit edition.

Virtual DOS 16-Bit Stack Attack

It's now been discovered that if a 16-bit application is run through Virtual DOS, it can manipulate the Windows kernel stack.

Put in simple terms, that means it can control exactly what function the computer concentrates on at any split second. That in turn allows the program to execute code without security restrictions, potentially giving a hacker control of the computer, possibly even without being discovered. (Source: theregister.co.uk)

The bug was discovered by a member of Google's security team, which is quite the irony given a flaw with Internet Explorer is being blamed for recent attacks on Google in China.

Tavis Ormandy says he reported the problem to Microsoft last June and that the company acknowledged his report but hasn't updated it since. He's now published the details, noting that it's usually bad practice to do so before a patch is available, but that in this case there's an easy workaround. (Source: neohapsis.com)

Simple Solution For Tech Savvy Users

The solution is to simply disable the machine from running 16-bit applications, which is unlikely to cause problems for all but a tiny minority of users. This can be done relatively easily through Windows' group policy editor, though this should only be used by people familiar with the tool, such as network administrators.

For most home users, it's unlikely the issue will pose a serious risk, though it is a reminder to take care about which files you allow onto your PC and to avoid running any program unless it comes from a trusted and reliable source.

Microsoft hasn't commented on the specifics of the reported problem but gave a standard response saying it is investigating and may issue a patch if required.