Microsoft Patch Process Called Security Risk
David Utter Staff Writer
2008-04-25
Patch Tuesday could be Exploit Tuesday if malicious hackers escalate the rate at which they reverse engineer security patches.
Imagine the mayhem when the usual crew of Chinese and Russian hackers start cranking out exploits against flaws with new patches in minutes instead of days. Automatic patch-based exploit generation has been discussed and tested by a group of academic researchers.
This research, cited by The Register, means Microsoft may not be able to outrun attackers and their networks of compromised bot machines. The researchers want Microsoft to change the way they issue patches, and suggested ways to do so.
A control set of IP addresses observed retrieving the latest patches via Windows Update showed that it took about 24 hours for 80 percent of those machines to check for a new patch. "Current patch distribution practices stagger patch distribution, usually over hours, days, or longer," the research report said.
If attackers generate an exploit in minutes, and feed it to a botnet for distribution, the problem becomes painfully clear. Something has to change to counter this scenario, with the researchers suggesting three ways to do so.
With obfuscation, each patch could be made to disguise what parts of the code changed with the update. This method would foil the mechanism the researchers developed to do the automatic exploit generation, but not more sophisticated analysis.
Patches could be distributed encrypted, with the software vendor issuing a decryption key only after a period long enough for the patches to reach their destinations. However, such a method would not be of much use against a zero-day exploit with attack code already in the wild, as a fix needs to be available rapidly in that case.
Faster patch distribution through peer-to-peer networking presents the third option for outracing attackers, and it's one we think Microsoft in particular could implement. We know they have previously developed a P2P system dubbed Avalanche internally, and that the system offers an improved way of assembling files compared with the methods currently used by torrent distributions.
Combine P2P distribution with the suggested encryption approach, and a vendor could push out a patch followed by the decryption key over the system in rapid fashion. This offers a side benefit: ISPs like Comcast and others that introduce false resets into P2P traffic would be under a lot of pressure to cease the practice.
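The encrypted-distribution idea in the two paragraphs above is easy to misread as "just encrypt the download", so here is an added worked example of the full sequence: the vendor publishes ciphertext plus integrity data on day zero, clients stage it without being able to diff it, and the key is released later so every staged client applies the fix at the same instant. This is illustrative code written for this article, not Microsoft's, Avalanche's, or the researchers' implementation. It uses only the Python standard library, so the cipher is a counter-mode keystream derived from HMAC-SHA256 with an encrypt-then-MAC tag rather than a library AEAD; the patch body, patch id and timings are constructed values.

```python
"""Constructed illustration of 'publish the patch encrypted, release the key
later'. Standard library only: the cipher is HMAC-SHA256 in counter mode with
an encrypt-then-MAC tag (a real deployment would use an AEAD such as AES-GCM
and a signed manifest). All names and sample values are hypothetical."""
import hashlib
import hmac
import os
from dataclasses import dataclass

# Constructed stand-in for a patch payload (in practice a binary diff or installer).
SAMPLE_PATCH = b"constructed patch body: replace unchecked copy in parser with bounded copy"


def _subkey(master: bytes, label: bytes) -> bytes:
    """Derive separate encryption and MAC keys from the per-patch master key."""
    return hmac.new(master, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF-in-counter-mode keystream: HMAC(enc_key, nonce || counter) blocks."""
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(master: bytes, plaintext: bytes) -> tuple[bytes, bytes, bytes]:
    nonce = os.urandom(16)
    ks = _keystream(_subkey(master, b"enc"), nonce, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(_subkey(master, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    return nonce, ciphertext, tag


def decrypt(master: bytes, nonce: bytes, ciphertext: bytes, tag: bytes) -> bytes:
    expected = hmac.new(_subkey(master, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):          # verify before decrypting
        raise ValueError("ciphertext or tag was altered in transit")
    ks = _keystream(_subkey(master, b"enc"), nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, ks))


@dataclass
class SealedPatch:
    """What the vendor publishes on day zero: ciphertext and integrity data, no key."""
    patch_id: str
    nonce: bytes
    ciphertext: bytes
    tag: bytes
    plaintext_sha256: str   # lets clients confirm the decrypted bytes match the manifest
    key_release_hour: int   # hours after publication at which the key goes out


def seal_patch(patch_id: str, plaintext: bytes, key_release_hour: int) -> tuple[SealedPatch, bytes]:
    """Vendor side: encrypt under a fresh key and hold the key back until release time."""
    master = os.urandom(32)
    nonce, ciphertext, tag = encrypt(master, plaintext)
    sealed = SealedPatch(patch_id, nonce, ciphertext, tag,
                         hashlib.sha256(plaintext).hexdigest(), key_release_hour)
    return sealed, master


class Client:
    """Client side: stage the ciphertext early, apply only once the key arrives."""

    def __init__(self) -> None:
        self.staged: dict[str, SealedPatch] = {}
        self.applied: dict[str, bytes] = {}

    def download(self, sealed: SealedPatch) -> None:
        self.staged[sealed.patch_id] = sealed   # nothing here reveals what changed

    def receive_key(self, patch_id: str, master: bytes) -> bool:
        sealed = self.staged.get(patch_id)
        if sealed is None:
            return False                        # nothing staged for this id yet
        plaintext = decrypt(master, sealed.nonce, sealed.ciphertext, sealed.tag)
        if hashlib.sha256(plaintext).hexdigest() != sealed.plaintext_sha256:
            raise ValueError("decrypted patch does not match published digest")
        self.applied[patch_id] = plaintext
        del self.staged[patch_id]
        return True


def tamper_detected(master: bytes, sealed: SealedPatch) -> bool:
    """True if flipping one ciphertext bit is caught by the tag check."""
    altered = bytearray(sealed.ciphertext)
    altered[0] ^= 0x01
    try:
        decrypt(master, sealed.nonce, bytes(altered), sealed.tag)
    except ValueError:
        return True
    return False


def apply_hours(download_hours: list[int], key_release_hour: int) -> list[int]:
    """Hour at which each client can apply: the later of its download and the key
    release. Early downloaders all apply at the same instant; stragglers are no
    worse off than under plain staggered distribution."""
    return [max(h, key_release_hour) for h in download_hours]


if __name__ == "__main__":
    sealed, master = seal_patch("patch-001", SAMPLE_PATCH, key_release_hour=24)
    client = Client()
    client.download(sealed)                     # hour 0: ciphertext staged only
    client.receive_key("patch-001", master)     # hour 24: key released, patch applied
    print(list(client.applied), tamper_detected(master, sealed), apply_hours([0, 5, 30], 24))
```

The `key_release_hour` parameter is where the zero-day caveat lives: for a patch that must ship immediately, the vendor sets it to 0 and the scheme degrades to ordinary distribution, which is the trade-off the paragraph above describes.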
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.