DEP vs Windows Firewall



  • Found this thanks to uneasysilence.com

    Nowonder noone trusts Microsoft products when Microsoft don't even trust their own security:



  • We had this discussion already. No WTF since a good security program must not make any hardcoded exceptions. If MS DEP trusted all MS products by default, everyone would scream M$ CONSPIRACY SECURITY HOLE M$ SUX OMGWTFBBGONEONE - And they would be right.



  • Yeah, if DEP has kicked in then that means that the firewall WAS about to execute some data, which would have either crashed it anyway or been a MAJOR security breach.

    I'd go looking for viruses/malware myself, but it's possible the firewall just has a bug (which is still not good).
     



  • <FONT face="Times New Roman" size=3>I was actually initially going under the assumption that it was a bug with windows firewall itself, I know that this is correct for DEP to end the firewall process in such a situation as it is in direct conflict with programming/security standards set by microsoft. I posted it as I still found such a pop up asmusing</FONT>



  • @PSWorx said:

    OMGWTFBBGONEONE

    I've seen OMGWTFBBQ before... what's the "G" stand for?



  • Indeed, it looks like it might be a buffer overflow exploit. Whoever saw this should be grateful Microsoft doesn't trust their own software, otherwise down in Cork they'd be known as a langer.



     



  • @Thief^ said:

    Yeah, if DEP has kicked in then that means that the firewall WAS about to execute some data, which would have either crashed it anyway or been a MAJOR security breach.


    Or it could simply be self-modifying code.  It's a slightly-too-clever way to implement firewall rules, and if done without paying careful attention to code pages vs. data pages, will trigger DEP.



  • @RaspenJho said:

    @PSWorx said:

    OMGWTFBBGONEONE

    I've seen OMGWTFBBQ before... what's the "G" stand for?

    BB-GONE of course. It's a common idiom meaning that the bulletin board just broke down after getting slashdotted. Jeez, really... and you call yourself Internet experienced...



  • @PSWorx said:

    @RaspenJho said:

    @PSWorx said:

    OMGWTFBBGONEONE

    I've seen OMGWTFBBQ before... what's the "G" stand for?

    BB-GONE of course. It's a common idiom meaning that the bulletin board just broke down after getting slashdotted. Jeez, really... and you call yourself Internet experienced...

    I never heard this one either, sorry. Maybe it's just too new.



  • ;)


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.