There have been a lot of questions over the years about the security of Microsoft’s family of operating systems.
There are security holes found on a semi-regular basis, but usually they are not that serious.
Usually a hole is found in the system, but no one has written an actual exploit for it, except maybe a test case.
And even with the test case, the hole would still not be that major.
Every now and then, there is a huge hole that gets brought to light by white hat hackers.
One such hole, discovered by Tavis Ormandy, affects all of the Windows operating systems, from Windows 3.1 to the latest release, Windows 7.
This hole is caused by one of the main drawbacks of using the Windows operating system, backwards compatibility.
When we say backwards compatibility, we are talking about the operating system’s ability to run programs that are over twenty years old.
Some OS vendors do almost a complete rewrite when they release a new operating system.
Not every single time, but when they plan a major update.
Microsoft keeps core parts of its operating system available after every release.
They strive for backwards compatibility.
17 Years Later
Doing this allows a program that was written in 1993 to operate on an OS that was released in 2009.
This is usually called “Legacy operations”.
Features such as this are mainly for the benefit of the business user.
Corporations keep old software around that still works, and they are usually hesitant to update.
Since this is normal in the business world, Microsoft goes out of its way to accommodate them.
Because Microsoft allows this practice to continue, old bugs will continue to surface.
The hole that was found dates back 17 years.
Virtual DOS Machine
It involves the Virtual DOS Machine (VDM) that comes with Windows.
The VDM is what allows 16-bit applications to run.
Without getting too technical, the hole allows a 16-bit program to manipulate the kernel stack of a process.
This allows an attacker to have complete, unbridled access to your machine.
They are running at a level beyond even what is considered “root” or “administrative” mode.
This can be very dangerous for the average computer user.
Even more so for a business.
If they are able to get that much control of a machine, then they can really mess up someone’s business operations.
Microsoft has not issued a patch as of yet, but it is promising one soon.
Even though there is no patch, there is still a way that you can avoid being affected by this type of attack.
You can deny access to 16-bit applications.
Most people do not use 16-bit applications anyway, so turning this mode off will not affect them.
You can either use the Group Policy editor or edit certain Registry settings to accomplish this.
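As an added example (not part of the original article), the PowerShell below audits and applies the Registry form of this workaround. The key path and value name are not given in the article; they are the ones behind the "Prevent access to 16-bit applications" Group Policy setting, and the function names are made up for this example.

```powershell
# Added example, not from the article. Run from an elevated PowerShell prompt.
# Registry location behind the "Prevent access to 16-bit applications" policy.
$PolicyKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppCompat'
$PolicyName = 'VDMDisallowed'

function Get-VdmPolicyState {
    # Returns 'Blocked', 'Allowed' or 'NotConfigured'.
    $item = Get-ItemProperty -Path $PolicyKey -Name $PolicyName -ErrorAction SilentlyContinue
    if ($null -eq $item)          { return 'NotConfigured' }
    if ($item.$PolicyName -eq 1)  { return 'Blocked' }
    return 'Allowed'
}

function Test-VdmPresent {
    # 64-bit Windows does not ship the VDM, so there is nothing to disable there.
    return (Test-Path (Join-Path $env:SystemRoot 'System32\ntvdm.exe'))
}

function Set-VdmDisallowed {
    # Creates the policy key if needed and sets VDMDisallowed = 1 (DWORD).
    if (-not (Test-Path $PolicyKey)) {
        New-Item -Path $PolicyKey -Force | Out-Null
    }
    New-ItemProperty -Path $PolicyKey -Name $PolicyName `
        -PropertyType DWord -Value 1 -Force | Out-Null
    return (Get-VdmPolicyState)
}

# Audit first, then change only what needs changing.
if (-not (Test-VdmPresent)) {
    Write-Output 'ntvdm.exe not found: 16-bit subsystem is not present on this machine.'
} else {
    $before = Get-VdmPolicyState
    Write-Output "16-bit application access before: $before"
    if ($before -ne 'Blocked') {
        $after = Set-VdmDisallowed
        Write-Output "16-bit application access after:  $after"
    }
}
```

On domain-joined machines, a Group Policy object that configures the same setting will overwrite a local Registry change at the next policy refresh, so set it in the GPO there instead.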
The sooner Microsoft stops supporting legacy applications, the sooner we will not have to worry about problems such as these anymore.
Their concern with backwards compatibility is harming their end users.