Original geschrieben von The_Borg
@EarMaster
Die Liste mag derzeit noch kleiner sein, allerdings hatte ME ja auch schion einen großen Vorsprung, damit dei gesamten Bugs bekannt werden konnte, ich glaube eigentlich auch, nach den bereits entdeckten gravierenden Mängeln, dass da noch einiges auf die User wartet.

Original geschrieben von EarMaster

Ich bin aber der Meinung, dass es bei XP wesentlich weniger gravierende Bugs geben wird, als bei ME, dass ja jedes System zum Krüppel machte.

Original geschrieben von The_Borg
Das lag aber wohl einfach daran, weil der Konzern wirklich genial ist und den alten 98 SE Kernel etwas aufpoliert und mit neuen Funktionen kombiniert hat um daraus ein Betriebsystem zu machen, dass man als "neu" verkaufen kann um damit vor der Einführung von XP noch einmal ordentlich Geld mit wenig Aufwand zu machen.

Original geschrieben von The_Borg
Das wird uns wohl erst die Zeit zeigen und ich glaube eigentlich, dass man der Tradition des Konzerns treu bleiben wird.

Original geschrieben von The_Borg
Was ME anbelangt, so hatte ich es selbst niemals, allerdings habe ich schauderliche Berichte darüber gelesen und gehört.

Original geschrieben von The_Borg
Das lag aber wohl einfach daran, weil der Konzern wirklich genial ist und den alten 98 SE Kernel etwas aufpoliert und mit neuen Funktionen kombiniert hat um daraus ein Betriebsystem zu machen, dass man als "neu" verkaufen kann um damit vor der Einführung von XP noch einmal ordentlich Geld mit wenig Aufwand zu machen.

Original geschrieben von EarMaster
Bei XP, würde ich sagen, liegst du da falsch. Dadurch das der Kernel komplett (?) neu entwickelt wurde und Abschied von vieler Windows 9x-Altlast genommen wurde, ist XP wirklich besser als alles was bisher von MS kam (sieht man mal von Windows 3.1 ab, dass wirklich genial war)...

Original geschrieben von EarMaster

Da stimm' ich dir zu. Die Veränderungen die gemacht wurden hätte man auch irgendwie anders in Windows 98 SE integrieren können (wie z.B. den Active Desktop für Win95 (an sich Müll, aber das Beispiel ist gut) mit dem IE 4)...

Original geschrieben von EarMaster

Ich bin aber der Meinung, dass es bei XP wesentlich weniger gravierende Bugs geben wird, als bei ME, dass ja jedes System zum Krüppel machte.

Original geschrieben von UNI
und einige sicherheitslücken gibts auch in Lìnux. nur da ist es so unfair dass das jeder hinnimmt und darüber hinwegsieht..

Original geschrieben von UNI
bei windows wird das sofort als beispiel von MS schlechtheit gewertet...

How will Windows XP cope with security?


Infoworld 5/14/01

Mandy Andress, InfoWorld
During the past year, Microsoft has made a concerted effort to develop secure products. Windows XP, for example, contains a wide variety of security features that proactively protect systems and make security a little easier for the end-user, including the addition of the Internet Connection Firewall (ICF) and automatic updates as well as advancements in the Encrypting File System (EFS), security templates, and smart card support.


ICF, activated by default when you use the networking wizard, blocks all inbound traffic to the system. You can easily tell if the firewall is active by looking at your network connections. Any network connection protected by ICF is red.

ICF is a powerful packet firewall, but it does not have all the features and functionality of an enterprise solution. Its main purpose is to protect stand-alone systems with broadband Internet connections. ICF is ideal protection for telecommuters and corporate remote-access solutions.

ICF is either on or off; you cannot selectively protect specific ports or protocols. You do have the ability to allow a few protocols to pass, such as HTTP, FTP, and L2TP. You also have the ability to define additional ports. ICF also includes logging capabilities that allow you to record unsuccessful inbound traffic and successful outbound traffic. Recording all successful outbound traffic will generate some large, unwieldy log files, but monitoring unsuccessful inbound attempts will give you a good picture of what attacks are being attempted against the system. The log files can be accessed by an administrator and copied to other administrators via the network, giving them the ability to determine if individual machines are under attack.

In an enterprise environment, system administrators want to limit the control individual users have over the ICF settings. Users should not have the ability to disable the firewall or open ports without proper authorization and approval. If they do have this ability, an administrator might be lured into a false sense of security, thinking all users have systems protected from inbound connections when they really have disabled its functionality. To prevent this from happening, ICF settings for Windows XP Professional can be controlled through Group Policy settings. Group Policy can force users to enable the firewall when not connected to the corporate network, for example.

To protect systems from malicious code execution, XP also includes support for software restriction policies. Administrators define rules in Group Policy that control when software is allowed to execute. These rules can be defined based on the file's extension, hash, path, signed certificate, or zone. For example, execution of Visual Basic Script (VBS) files can be denied unless digitally signed by a specified organization or group. Corporate administrators can now sleep well at night knowing their network is safe from users who continue to open suspect e-mail attachments.

EFS, first introduced in Windows 2000, now has the ability to allow multiple users to access an encrypted document. In its default setting, encrypted files appear green to enable easy identification when displayed in a file listing. EFS also works with client-side caching (or Offline Folders) to maintain file encryption when files are on and off the network.

Sharing encrypted files via the Internet without purchasing separate third-party products is now possible with WebDAV, a file-sharing protocol that uses HTTP. IIS 5.0 and the upcoming IIS 6.0 support WebDAV as Web folders, making file sharing as easy as pointing and clicking.

Windows XP also includes security templates (preconfigured collections of security-related policies) for Group Policy to ensure the appropriate level of system security. These templates represent low, medium, and high security configurations, which can be customized to meet the specific security needs of the organization.

To ease the administrative burden of distributing and installing security patches and system updates, Microsoft has included an automatic update feature in XP. You can configure systems to automatically download new updates from the Windows update site. Administrators have a wide variety of options for configuring the mechanism and timing of applying service packs, which can be installed automatically. Microsoft is also working with some success to create service packs and hot fixes that do not always require system reboots.

Windows 2000 added the ability to log on to a system with a smart card. Windows XP extends this functionality to Terminal Servers and administrators. Users with a smart-card reader on their client machine can perform smart-card operations on the Terminal Server machine. XP also adds smart-card support for running administrator tools and utilities. These applications can be very powerful and can easily compromise corporate security if they end up in the wrong hands. XP gives administrators the ability to control access to these tools, such as net.exe, by requiring smart cards to run them.

Windows XP represents an important step forward for Microsoft in its commitment to help secure the enterprise. The features and functionality included in XP ease the security burden for both administrators and users.

InfoWorld Contributing Editor Mandy Andress is president of security consulting firm ArcSec Technologies Inc.

But it isn't just Microsoft that is plagued with bugs and vulnerabilities. All flavors of Linux have their share of serious bugs also. The vulnerabilities below have also been discovered or reported for the month of June:



Procfs Stream Redirection to Process Memory Vulnerability
Samba remote root vulnerability
Buffer overflow in fetchmail vulnerability
cfingerd buffer overflow vulnerability
man/man-db MANPATH bugs exploit
Oracle 8i SQLNet Header Vulnerability
Imap Daemon buffer overflow vulnerability
xinetd logging code buffer overflow vulnerability
Open SSH cookie file deletion vulnerability
Solaris libsldap Buffer Overflow Vulnerability
Solaris Print Protocol buffer overflow vulnerability
These are not all of the bugs and exploits that affect *nix systems, there are at least as many *nix bugs found in the month of June as there are for Microsoft products. Even the Macintosh OS, the operating system that is famous for being almost hacker proof, is also vulnerable. This is especially true with the release of OS X. This is because OS X is built on an OpenBSD Linux core. Many of the Linux/BSD specific vulnerabilities can also affect the Macintosh OS X. As an example the Macintosh OS X is subject to the SUDO buffer overflow vulnerability.

Does all of this mean that you should just throw up your hands and give up? Absolutely not! Taken as a whole the sheer number of bugs and vulnerabilities is massive and almost overwhelming. The point is that if you keep up with the latest patches and fixes, your job of keeping your OS secure is not so daunting.

Original geschrieben von UNI
doch ist es..

auch linux hat tonnenweise bugs.. nur über die regt sich keiner auf..

MFG UNI