Stories
Slash Boxes
Comments

SoylentNews is people

Microsoft Modifies Open-Source Code, Blows Hole in Windows Defender

posted by chromas on Monday April 09 2018, @06:12PM   Printer-friendly
from the (unsigned⠀int) dept.

mrpg writes:

https://www.theregister.co.uk/2018/04/04/microsoft_windows_defender_rar_bug/

A remote-code execution vulnerability in Windows Defender – a flaw that can be exploited by malicious .rar files to run malware on PCs – has been traced back to an open-source archiving tool Microsoft adopted for its own use.

[...] Apparently, Microsoft forked that version of unrar and incorporated the component into its operating system's antivirus engine. That forked code was then modified so that all signed integer variables were converted to unsigned variables, causing knock-on problems with mathematical comparisons. This in turn left the software vulnerable to memory corruption errors, which can crash the antivirus package or allow malicious code to potentially execute.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Microsoft Modifies Open-Source Code, Blows Hole in Windows Defender | Log In/Create an Account | Top | 85 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1, Interesting) by Anonymous Coward on Monday April 09 2018, @09:41PM (1 child)

    by Anonymous Coward on Monday April 09 2018, @09:41PM (#664697)

    From the source code:

    2. UnRAR source code may be used in any software to handle
                RAR archives without limitations free of charge, but cannot be
                used to develop RAR (WinRAR) compatible archiver and to
                re-create RAR compression algorithm, which is proprietary.
                Distribution of modified UnRAR source code in separate form
                or as a part of other software is permitted, provided that
                full text of this paragraph, starting from "UnRAR source code"
                words, is included in license, or in documentation if license
                is not available, and in source code comments of resulting package.

    Might be perfectly legal, if you have good lawyers, because the license says "may be used [to open rar archives] without limitations free of charge" and restricting people from changing your source is such a restriction.

    Starting Score:    0  points
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Total Score:   1  

  • (Score: 0) by Anonymous Coward on Tuesday April 10 2018, @03:51AM

    by Anonymous Coward on Tuesday April 10 2018, @03:51AM (#664815)

    That doesn't sound like FOSS. That's proprietary with access to source code.

    So people, beginning with Microsoft, lay all the blame for Microsoft's screw-up on FOSS, when the code wasn't even FOSS to begin with? Typical.