GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Microsoft says NT4.0 too flawed to fix!!!! (https://gfy.com/showthread.php?t=119970)

MrPopup 03-27-2003 01:20 PM
Microsoft says NT4.0 too flawed to fix!!!!
 
NT4.0 too flawed to fix - official
By John Leyden
Posted: 27/03/2003 at 17:42 GMT


There's a nasty rider with Microsoft's latest security problem for NT users.

Although a denial of service risk exists in an "important" security vulnerability, publicised yesterday affecting NT 4.0, Redmond tells users not to expect a patch for that operating system anytime soon.

Windows 2000 and XP users do have access to a fix, designed to address a flaw involving Endpoint Mapper, but the best on offer for Win NT users is advice to shelter vulnerable servers behind a firewall.

The vulnerability involves the Microsoft's implementation of Remote Procedure Call protocol, more specifically the component that deals with message exchange over TCP/IP. Malformed messages received by the Endpoint Mapper process, which listens on TCP/IP port 135, might cause a server to hang.

Microsoft has provided patches with this bulletin to correct this vulnerability for Windows 2000 and Windows XP, but not Windows NT 4.0 - even though the OS is affected.

In a surprisingly candid admission, the company states that fixing NT4.0 is simply too difficult.

"The architectural limitations of Windows NT 4.0 do not support the changes that would be required to remove this vulnerability," Microsoft says. "Windows NT 4.0 users are strongly encouraged to employ the workaround discussed in the FAQ in the bulletin, which is to protect the NT 4.0 system with a firewall that blocks Port 135."

Firewalling will probably keep external attackers at bay but the flaw gives attackers with intranet access considerable scope to crash, though not (it would seem root), inherently vulnerable NT4 boxes. ®

iroc409 03-27-2003 01:21 PM
so when's the press release about vulnerabilities in xp? and what about 2000 server?

2000 server's vulnerability is what fux0red the net.

Lane 03-27-2003 01:24 PM
just use XP pro.. why bother with old shit

rossiya2 03-27-2003 02:12 PM
It's not the code that's fucked. It's the version number.

That a company sells new code based on the shittiness of their old code is a pure Enron game. And then the new shit has the same problem as the old shit only they're not going to bother fixing the old shit because that customer won't shovel more $ at Microsoft. Oh and you get customer service if you pay $25 for them to listen and fill your head with buzzwords ripped off the UNIX code they copied.

Oh and you need to buy a new computer also for your security patch because 2K doesn't work well on the old boards.

Best solution FORMAT C:

NineNine 03-27-2003 02:13 PM
Quote:
Originally posted by Lane
just use XP pro.. why bother with old shit
XP Pro is a desktop, not a server OS.
W2K is solid as shit. If you're serving, you don't want new. Anyone who knows anything wants an OLD, TRIED AND TRUE OS.


All times are GMT -7. The time now is 08:17 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123