From owner-freebsd-hackers Sun Nov 9 00:23:38 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id AAA23200 for hackers-outgoing; Sun, 9 Nov 1997 00:23:38 -0800 (PST) (envelope-from owner-freebsd-hackers) Received: from smtp03.primenet.com (smtp03.primenet.com [206.165.5.84]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id AAA23195 for ; Sun, 9 Nov 1997 00:23:34 -0800 (PST) (envelope-from tlambert@usr06.primenet.com) Received: (from daemon@localhost) by smtp03.primenet.com (8.8.7/8.8.7) id BAA02244; Sun, 9 Nov 1997 01:23:33 -0700 (MST) Received: from usr06.primenet.com(206.165.6.206) via SMTP by smtp03.primenet.com, id smtpd002238; Sun Nov 9 01:23:25 1997 Received: (from tlambert@localhost) by usr06.primenet.com (8.8.5/8.8.5) id BAA18550; Sun, 9 Nov 1997 01:23:22 -0700 (MST) From: Terry Lambert Message-Id: <199711090823.BAA18550@usr06.primenet.com> Subject: Re: Newest Pentium bug (fatal) To: digital@www2.shoppersnet.com (Howard Lew) Date: Sun, 9 Nov 1997 08:23:22 +0000 (GMT) Cc: alk@subtle.east.sun.com, hackers@FreeBSD.ORG In-Reply-To: from "Howard Lew" at Nov 8, 97 07:42:51 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-freebsd-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > For Windows users this bug should not be much of a problem unless viruses > start popping up taking advantage of the bug. For FreeBSD it is not very > comforting to know that any misbehaving user can lock up your shell > machine, but in a controlled environment this should not be a problem. A virus isn't the only way it could be done. A Windows user's ISP could be denial of service attacked using the bug, so it could affect them. Active X, anyone? Microsoft made their JAVA capable of calling x86 code (makes it possible to write java wrappers for ActiveX code that isn't security checked for a VeriSign key, right?). Apparent;y Sun was right about it being a mistake for Microsoft to do this. 8-) 8-). Word Macros? Excel Macros? Help files? Email attachments? Screen savers? Desktop Themes? The default for the system directory on Windows NT is world writeable; it seems to me many NT file servers are at risk (not that they weren't at risk without tuning anyway). I'd say "all", but of course NT runs on non-Intel machines... ;-). Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.