Task Manager
A couple of questions...
One, there is no "TaskManager" key under HKCU\Software\Microsoft\Windows
NT\CurrentVersion in either XP or Vista. And making one, and then
adding a null-value "Preferences" REG_BINARY value didn't affect
taskmanager at all... Is this specific to the German version of XP or
something?
And you have to be an administrator to write to the
HKLM\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DoReport value you
Operating System: Windows XP Pro SP2
Hardware: 1.8ghz (single core) & 1GB ram.
However, I just tested the vulnerability in Chrome and the incidents were different. In Google Chrome it appears to perform a deadlock of the browser while on Firefox it performs a starvation "attack" by opening a huge amount of windows and thereby eventually "killing" all the RAM making Windows completely useless (almost).
The only thing I could do was to log out and then log back in. Task Manager was unable to help me even though it was set to "Always On Top". If the Task Manager was opened first then I might have had a chance but if it weren't then 4 out of 5 times the best option would be to log out and then re-login.
I believe this is a kind of functionality bug versus denial of service bug in Firefox which unfortunately is not related to the Chrome Bug.
This was tested at my work since I don't have Google Chrome installed on my Linux installation at home. However I believe this can be used / triggered against any other application installed that Firefox knows exists on the target operating system. :-)
Description
-----------
We could not find out the definitive description for Internet Explorer from the Microsoft website. This is our own understanding of the application: Internet Explorer is a web browser.
We have discovered a remote DoS vulnerability in Internet Explorer 7 and 8. When visiting a malicious page, the browser may freeze indefinitely and killing it in Task Manager is required. With IE8's default settings, killing the tab process simply launches another process and goes to the same malicious page, hence repeating the cycle. The root cause is unknown to us. We suspect that it is related to the display of unprintable characters on Windows XP and Vista. The same problem does not occur in Windows 7.
Microsoft has classified this vulnerability as a stability (not security) issue and will be addressing it in the next version of the application.
Workaround
----------
DoS:
http://websecurity.com.ua/uploads/2009/IE%20DoS%20Exploit10.html
With this exploit in IE6 the browser blocks, so it becomes impossible to
use it and it's only possible to close it (via Task Manager).
With this exploit in IE7 the browser freezes after a click on the link.
Vulnerable versions are Internet Explorer 6 (6.0.2900.2180), Internet
Explorer 7 (7.0.6000.16711) and previous versions (and possible next
When Outlook was launched via "RunAs" (no matter whether I executed
Outlook.exe in a secondary "RunAs" command prompt or directly from
the interactive session), what happened was that a separate instance of
Outlook did indeed launch, but it displayed the "concurrent" user's
folders and NOT those of the user used to RunAs - no matter how you
launched it! If during this time you viewed Task Manager, you would find
that even though you saw two different windows running, and though you
could interact with them individually (meaning, you could open different
sets of folders in each separately, but they were for the same user) you
only saw one instance of the .exe running. The first thing I thought was
"Voodoo!!" I then said to myself, "Self, even though you launched it in
- All versions below Firefox 3.5
[1]
--- Comment #28 from PBForeman <dufalcon@yahoo.com> 2009-07-08 09:14:00 PDT ---
When FF3.5 is open, cpu eventually runs 99%, using over 100,000K of memory.
Closing FF does not stop the cpu or memory usage. Closing with Task Manager is
the only way to exit FF. Previous versions of FF all ran stable, problem
started with 3.5. Closing and restarting does not solve the problem. Removing
program and reinstalling clean does not solve anything. Same settings were used
from previous version to install FF3.5. Once cpu maxes out, FF ties up entire computer.
Step-by-step illustration
1) Firstly make a backup copy of the "Run" key (i.e. Runs).
NOTE: This step is actually not required, however, will look less suspicious
in the Task Manager. You could in fact just execute steps (2) and (5) & (6) if
you wish.
i.e. Command prompt
reg copy HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Runs /s /f
by clicking the OK or Cancel button, pressing <Alt>+<F4> or
clicking the close button in the title bar. No matter what the user
chooses, the temporary file will persist locally until the PowerPoint
presentation is closed. Consequently, user interaction is required,
however the only way to stop the exploit from running is by closing
PowerPoint through Task Manager.
------------------------------------------------------------------------
Macros
------------------------------------------------------------------------
It is also possible to perform the steps used in the PowerPoint examples
Dear list,
after weeks of total ignorance by Microsoft I decided to finally release all information related to a bug, that has to do with the Windows XP SP2 Taskmanager. Manipulating a Registry key makes it possible to disable the Taskmgr. On the next startup it will crash with an error message. It is possible to backup the key and repair the Registry doing so, but
brlc> downloading them. Upon parsing a multikill mail with more than about 216
brlc> parts, some library function goes into an endless loop. Outlook never
brlc> finishes downloading the multikill mail, it stays in the mailbox. Outlook
brlc> never closes the connection to the mail server, which is not nice to the
brlc> mailserver. Outlook can only be stopped by killing the process from the
brlc> task manager.
brlc> To be more exact, the bug seems to reside in InetComm.dll in the
brlc> MimeOleClearDirtyTree function. I would guess at a short-integer overflow,
brlc> which results in the infinite loop.
Where: From remote
======================================================================
3) Vendor's Description of Software
"TaskFreak! Original is a simple but efficient web based task manager
written in PHP."
Product Link:
http://www.taskfreak.com/original
For what it is worth...
I'm running MR4 version (11.0.4000.2295) and executing the command under a non-privileged account does throw a dialog box with the error message. It also puts an event in the application event log to the effect of "Faulting application smc.exe, version 11.0.4000.2261, faulting module msvcr80.dll, version 8.0.50727.1433, fault address 0x000079f", but watching task manager SMC.EXE running under the SYSTEM user and SMCGUI.EXE running under the same non-privileged account never dies. I do see an additional SMC.EXE process startup under the non-privileged user, but it is the process failing. I also tried this running the command with an admin account with the same results.
downloading them. Upon parsing a multikill mail with more than about 216
parts, some library function goes into an endless loop. Outlook never
finishes downloading the multikill mail, it stays in the mailbox. Outlook
never closes the connection to the mail server, which is not nice to the
mailserver. Outlook can only be stopped by killing the process from the
task manager.
To be more exact, the bug seems to reside in InetComm.dll in the
MimeOleClearDirtyTree function. I would guess at a short-integer overflow,
which results in the infinite loop.