Bugtraq mailing list archives
Re: MS signed softwrare privileges
From: secure () MICROSOFT COM (Microsoft Product Security Response Team)
Date: Wed, 23 Feb 2000 20:27:45 -0800
Hi All - We wanted to respond to Juan Cuartango's comments on the purpose of the handling of Microsoft certificates in the Active Setup control. While we love a good conspiracy theory as much as the next person, the reality is that the certificates are treated as they are in order to improve our customers' experience while downloading software from Microsoft web sites. In the past, customers complained about being prompted to "OK" every signed control after they went to one of our web sites to load or update software. Because of this, the Active Setup control treats the Microsoft certificates as "trusted providers". We understand that a few customers may find this behavior undesirable, and we are concerned by the scenario that Elias pointed out. Therefore, we will be modifying the Active Setup control so that it warns before downloading unless a customer has specifically requested that he not be warned in the future. Regards, Secure () microsoft com -----Original Message----- From: cuartango () TELELINE ES [mailto:cuartango () TELELINE ES] Sent: Tuesday, February 22, 2000 8:36 AM To: BUGTRAQ () SECURITYFOCUS COM Subject: MS signed softwrare privileges I would like to clarify some aspects from the Elias post regarding Microsoft signed software. The fact that anybody could install MS signed software using Active Setup component in not very important. The issue is : MS can silently execute any code in our Windows systems just using their signature. MS has privileged their code, even if your IE security setting "Download signed ActiveX" is set to prompt MS software will be installed without prompting the user. It seems that MS has left a back door that will allow them to perform any action in the Windows systems just visiting a WEB page or opening an e-mail message. I have prepared a demo in : http://www.angelfire.com/ab/juan123/iengine.html This demo shows the diferent behaviour of IE when the ActiveX is signed by MS or signed by others. This issue opens a big security and privacy hole, MS can take complete control over our systems using this backdoor. In this backdoor acceptable ? In my opinion It is not, I have worked 18 years for diferent OS software manufacturers and I have never installed one line of code without a previous user approval.
Current thread:
- MS signed softwrare privileges cuartango () TELELINE ES (Feb 22)
- Re: MS signed softwrare privileges Dax Kelson (Feb 22)
- Re: MS signed softwrare privileges Bob Fiero (Feb 22)
- <Possible follow-ups>
- Re: MS signed softwrare privileges Steven M. Bellovin (Feb 23)
- Re: MS signed softwrare privileges Microsoft Product Security Response Team (Feb 23)
- Re: MS signed softwrare privileges Simple Nomad (Feb 24)
- BID 994, MS00-010 (Site Server Commerce Edition non-validated SQL inputs) Ben Greenbaum (Feb 25)