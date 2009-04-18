from the (unsigned int) dept.
A remote-code execution vulnerability in Windows Defender – a flaw that can be exploited by malicious .rar files to run malware on PCs – has been traced back to an open-source archiving tool Microsoft adopted for its own use.
[...] Apparently, Microsoft forked that version of unrar and incorporated the component into its operating system's antivirus engine. That forked code was then modified so that all signed integer variables were converted to unsigned variables, causing knock-on problems with comparisons: a quantity that used to go negative now wraps to a large positive value, so a check against zero can never fire. This in turn left the software vulnerable to memory corruption errors, which can crash the antivirus package or allow malicious code to potentially execute.
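The summary above describes the failure mode in the abstract. The following is an added, constructed illustration of how a mechanical signed-to-unsigned conversion silently disables a bounds check; it is not unrar's, Microsoft's, or Defender's code, and the window size, function names and the LZ-style "copy length bytes from distance bytes behind pos" operation are assumptions chosen for the example. The naive unsigned version keeps the original source text of the check and is exactly as useless as the story implies; the fixed version shows the comparisons an unsigned port actually needs.

```c
#include <stdio.h>
#include <limits.h>

/*
 * Constructed illustration (not unrar's or Defender's code): an LZ-style
 * back-reference copies `length` bytes starting `distance` bytes behind
 * `pos` inside a fixed window. WINDOW_SIZE is an arbitrary example value.
 */
#define WINDOW_SIZE 16u

/* Original signed form: pos - distance going negative is caught directly. */
int copy_safe_signed(int pos, int distance, int length)
{
    if (distance <= 0 || length <= 0)
        return 0;
    if (pos - distance < 0)            /* underflow shows up as a negative */
        return 0;
    if (pos + length > (int)WINDOW_SIZE)
        return 0;
    return 1;
}

/* Same logic after a mechanical signed-to-unsigned conversion. */
int copy_safe_unsigned(unsigned pos, unsigned distance, unsigned length)
{
    if (distance == 0 || length == 0)  /* "<= 0" can only mean "== 0" now */
        return 0;
    if (pos - distance < 0)            /* never true: an unsigned is >= 0 */
        return 0;
    if (pos + length > WINDOW_SIZE)    /* pos + length can wrap back past 0 */
        return 0;
    return 1;
}

/* Unsigned done properly: compare before subtracting, subtract before adding. */
int copy_safe_unsigned_fixed(unsigned pos, unsigned distance, unsigned length)
{
    if (distance == 0 || length == 0)
        return 0;
    if (distance > pos)                /* would underflow: reject */
        return 0;
    if (pos > WINDOW_SIZE || length > WINDOW_SIZE - pos)  /* cannot wrap */
        return 0;
    return 1;
}

/* Index the copy would read from once the naive unsigned check lets it through. */
unsigned naive_source_index(unsigned pos, unsigned distance)
{
    return pos - distance;             /* wraps to near UINT_MAX when distance > pos */
}

int main(void)
{
    /* Constructed input: a back-reference pointing 4 bytes before the window. */
    unsigned pos = 4, distance = 8, length = 2;

    printf("signed check   : %s\n",
           copy_safe_signed((int)pos, (int)distance, (int)length) ? "accept" : "reject");
    printf("unsigned check : %s\n",
           copy_safe_unsigned(pos, distance, length) ? "accept" : "reject");
    printf("fixed check    : %s\n",
           copy_safe_unsigned_fixed(pos, distance, length) ? "accept" : "reject");
    printf("naive index    : %u (window has %u bytes)\n",
           naive_source_index(pos, distance), WINDOW_SIZE);
    return 0;
}
```

The second failure is easy to miss in review: with `length` near `UINT_MAX`, `pos + length` wraps to a small number and the upper-bound check also passes, so an unsigned port has to rewrite both comparisons, not just delete the one the compiler warns about. Building with `-Wextra` (which enables `-Wtype-limits`) flags the `< 0` comparison but says nothing about the addition.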
(Score: 3, Funny) by DannyB on Monday April 09, @06:19PM
Microsoft wishes to assure you that this will be patched within 24 months or less. Nothing to be concerned about.
(Score: 2) by turgid on Monday April 09, @06:28PM (2 children)
Seriously?
(Score: 2) by maxwell demon on Monday April 09, @06:32PM (1 child)
I bet the change was done purely in order to conform to some internal Microsoft coding standard. And probably that “simple” task was given to an inexperienced programmer …
(Score: 2) by Runaway1956 on Monday April 09, @07:39PM
"And probably that “simple” task was given to an inexperienced janitor …"
FTFY :^)
(Score: 1, Informative) by Anonymous Coward on Monday April 09, @06:32PM
