Windows patches stop Mac attacks
New patches protect Windows 95 and NT users from "out-of-band data" attacks launched by hackers with Macintosh and Linux computers.
The patches protect users against so-called out-of-band data attacks, which can crash a PC. Unlike previous versions, the new patches protect Windows 95 and NT users against attacks launched by hackers using Macintosh and Linux computers.
The new patches for Windows NT 3.51 and 4.0 and Windows 95 are available on the company's Internet sites.
This year, Microsoft programmers have been forced to create a medicine chest of software remedies to fix potential security risks in everything from the Internet Explorer browser to PowerPoint to Windows itself. Some security experts believe the company is struggling with deep-rooted vulnerabilities in its OS and Internet technologies.
The Net has made it much easier for enterprising bug-finders to broadcast their discoveries to the press and public over email lists and Web pages. This has put intense pressure on Microsoft's engineering groups to quickly come up with patches.
Other companies, such as Sun Microsystems, have also been forced to quickly churn out patches, but Microsoft has been especially hard-hit.
A number of security experts believe Microsoft would have had a hard time avoiding these security problems.
"As a professional programmer, I have a real hard time saying that Microsoft should have seen this coming," said David LeBlanc, senior Windows NT security manager at Internet Security Systems, a developer of security software. "I get hit with this stuff too. With 20/20 hindsight, it's obvious to see what we did wrong. Trying to take into account all the possibilities that can occur beforehand is not realistic."
To exploit the latest vulnerability, Web sites must send a special TCP/IP command known as "out-of-band data" to port 139 of a computer running Windows 95 or NT. Hackers could also target users' PCs by using one of several programs for Windows, Unix, and Macintosh now circulating on the Net. With one program, WinNuke, a hacker simply types a user's Internet protocol address and then clicks the program's "nuke" button to crash a PC over the Net.
WinKiller
is one of several malicious programs circulating on the Internet for "nuking," or crashing, Windows 95 and NT computers.
The company's original patch for Windows NT prevents attacks from Unix and other Windows computers. But because of a difference in the way Mac and Linux computers handle the TCP protocol, the patch didn't squelch attacks from those operating systems.
Today, a company spokesman said the new patches would protect NT and 95 users from Mac- and Linux-based attacks.
A number of users have sent email to CNET's NEWS.COM complaining that their computers were repeatedly crashed while they were in Internet Relay Chat groups. When users are nuked by a hacker, their computer screens often display an error message known as the "blue screen of death."
"The worst part about it is that the delinquents playing with this toy really like to play with it and keep on doing it," said Martin A. Childs, a law student at Louisiana State University in Baton Rouge. "The first time I got hit, I logged on six times before I managed to figure out what was going on."
The out-of-band data attacks also affect users of Windows 3.11, but a company spokeswoman said Microsoft will not prepare a fix for that platform unless users request one.