Fun Things Can Be Flawed

A super interesting topic, which I am personally very eager to explore, is information security. It should be said that this post, and many following posts, will be inspired by two people: Michael Rushanan and Paul Martin. So thanks a lot for these topics; otherwise I probably never would have been able to cross “maintaining a technical blog” off of my bucket list.

Aside: I could never claim to be one of those “I learned the binary before decimal”/“I built a robot to tie my shoes before I could tie them myself”/“Computer and me are one” types of genius tech kids. I was more of an “I like to play video games so I’ll say that I’m interested in studying technology as an excuse to stay on the computer for hours on end farming gold for no reason at all.”

So, disclaimer: my knowledge on certain topics results from multiple hours of scouring the web and begging experts to explain simple things to me.

So in light of my lack of knowledge on the topic, I’m taking this post as an opportunity to open the door to the vast topic of information security. What I’ve learned is that a great place to start exploring a field is to get a feel for real-life applications that are relevant to said field. So I sifted through the first 5 links of a simple Google search for relatively new vulnerabilities discovered for my primary OS, Windows 7. And voilà, a fun little discovery was made on my part that every MS user should respond to with a mild “huh.”

Apparently those gadgets that were cute on the first boot-up but turned out to be annoyingly slow and pointless were fatally flawed.

If you don’t know what the Windows Sidebar and Gadgets are, they’re similar to the widgets you can find on Android smartphones that try to make keeping track of various things more convenient or provide benign benefits like telling the weather or the day’s date.

That thing on the side? Remember it? Yep, bad news bears.

I mean it really was a cute feature but apparently it was also a bad one. Now let’s find out why.

From the previously linked Microsoft security advisory itself:

“Microsoft is aware that some legitimate Gadgets running in Windows Sidebar could contain vulnerabilities. An attacker who successfully exploited a Gadget vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system.”

How this is done is above me (for now). At this point, if I were to hazard a guess, the hack would involve some form of pointer misdirection that results from poorly implemented gadget code. But that’s just me spitting out what little knowledge I gained from a 2-hour first-day lecture on hardware hacking. The other bullet that the security advisory has:

“An attacker could create a malicious Gadget and then trick a user into installing the malicious Gadget. Once installed, the malicious Gadget could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system.”

This seems sort of obvious since it’s essentially saying, if you download a virus, you will get kicked in the butt. But it really highlights the idea that the gadget has free rein when running. And since gadgets are mostly intended to act as processes running in the background, users would not be able to notice that they are doing damage and stop the source until the damage is clear.

So I guess that sort of explains why I haven’t seen the Windows Sidebar for a little over a year.

Who knew something so cute and plain had such malicious potential.

P.S. I promise that someday I will find out and share what kind of hacks specifically applied to this vulnerability, if any interesting cases ever arose from it.
