https://threatpost.com/windows-zero-day-selling-for-90000/118380/
Where were you when the entire windows ecosystem for the past 20 years was owned?
>being a wintard
>>55013384
wincucks better install gentoo now before it's too late. No windows version is safe now
>WINKEKS GETS WINKEKED
>>55013384
Or it could be just a really clever con artist selling a non existent 0 day.
>>55013842
>parjeet in full defense mode
>>55013842
Do you really believe that anon
knowing what you know about windows
do you really believe that
>>55013384
kek
>>55013870
>$95k! only! ALL windoze version hak u buy now!
>one week no takers
>p-price drop! onry $90k now, a-all versions windos
>another week no takers
>o-only $85k, p-please my famiry starving
>>55014366
>a windows exclusive browser is shit
>windows is shit
also: just tried the same with edge, adapts size fluently
>>55014366
> implying
>>55013384
>
>>55014506
Oh wow are you saying a totally different application on a totally different machine with totally different settings for resizing behaves completely different?
who would have guessed
>>55014506
It's about time they fixed that shit with the cmd.exe Window. And it's also about time they sane-ified the Environment Variable window and PATH variable editing.
PowerShell on Linux, when...
>>55014536
It was a joke. I forgot a :^) at the end
I'm not even sure, but I never expected Windows to be secure. Ever since XP I always felt like I was counting the days until it would shit up.
Now I'm using 10 and I'm not getting rid of this feeling, not at all.
>>55014577
>10
>not getting rid of this feeling
by definition the OS you're using is malware
>>55014597
Yeah, I want to get rid of it. My issue is with software compatibility but I'm not exactly fond of any other windows version either. I'm thinking about GPU passthrough.
>>55014577
Dude I stopped using windows ages as my main OS years ago and this perfectly describes why I stopped.
>>55014613
>mfw he can't view the video he just made
>>55014577
I feel you on that. Windows feels pretty invincible as long as you're running in an unprivileged account.
That's not to say you can't get your shit wrecked if you do stupid shit, but the shit just won't leak into the rest of the OS, because Windows actually has a good security model now.
>>55013384
>quick access doesn't enumerate what directory you're actually in
I JUST WANT TO SEE WHAT PROFILE THIS DOMAIN USER IS IN JESUS FUCKING CHRIST ITS FUCKING %CURRENT_YEAR%
%CURRENT_YEAR% WINDOWS JESUS
>>55014506
>>55014366
You do realise there is an option to toggle this.
>>55014662
topkek
>>55014672
Yes that doesn't make it any less broken now go away
>>55014669
>%CURRENT_YEAR% WINDOWS JESUS
I think you meant:%%CurrentYear%%.
Batch uses double-%'s for variable substitution, and we all know Microsoft only uses CamelCase and is allergic to anything with underscores.
Shows what you know, Anon.
>>55014689
>lying on the internet
>>55014662
ITT: the ">muh 25 year old bash exploit" shills go into hiding over a much worse 16 year old local privilege escalation exploit
>>55014689
child detected. go to bed.
>>55014918
faggot detected. go eat a dick
>>55014655
what are you using now?
>>55014970
Linux, Antergos for the moment but I've been considering switching to Debian Unstable or openSUSE or something.
>>55013384
Well, with free software this wouldn't happen.
>>55014613
nigga are you on 10.6.8
>>55014986
To add on to this, when I first switched I went to CrunchBang which was based on debian stable. CrunchBang's dead now and replaced with BunsenLabs though.
>>55013384
>Cuckblows with a vulnerability
boo-hoo such a big news
>>55015064
>41% of all windows vulnerabilities are of critical importance
This is actually pretty impressive. Terrible and sad, but impressive.
>>55014931
>>55015042
I assume you don't have the need for photoshop and things like that.
>>55015100
>Most amount of vulnerability
>Highest weighed average
Why do people use Windows outside a VM these days?
>>55015064
>99% of desktop market
>only has 50% of desktop market vulnerabilities
This is actually pretty impressive.
>>55015131
I don't work with photo editing at all so no. The tiny amounts of basic photo editing I do (cropping screenshots, and making slight adjustments to textures) can be done just as well in GIMP.
Even if I was some fancy photographer person, apparently Photoshop CS6 runs basically flawlessly under WINE.
>>55015131
>I assume you don't have the need for photoshop and things like that.
because dual booting, using windows in a vm, or using windows in a vm with native access to a gpu with vt-d is totally not a thing, faggot
>>55015033
I wish. Sadly it's 10.9
>>55015137
>Microcuckold trying to justify the half of all known vulnerabilities in wangblows
LMAO Go sell your POS OS for 90 grands or so
>>55013779
>Meanwhile in Linux-land, pacman has once again, borked X.org.
>>55015137
>99% of desktop market
85%*
>>55015192
>Meanwhile in the land of wincuckolds, PC turned itself on again
>>55015172
didn't mean it like that, anon
>>55015064
microsoft makes a hell of a lot more software than apple or oracle though desu
>>55015480
>lot more software
lot more vulnerable software
Fixed
>>55015480
They kind of don't though. Oracle, maybe. But they're about on par with apple.
>>55015192
>Meanwhile in Linux-land
>pacman
>Linux-land
I think you mean arch-land :^)
>>55015295
then I apologise
>>55014613
>russian osx
I thought russians killed off all the gays.
>>55015553
>But they're about on par with apple.
what?
right so apple make
>osx
>ios
>iworks and related desktop software
>bunch of ios app
>icloud services (docs, mail, find my phone)
>apple music
>itunes
microsoft make
>windows
>windows phone
>office
>project
>visio
>sharepoint
>azure
>bing
>visual studio and relates services
>outlook.com
>hyper-v
>forefront
>sql server
>skype
>system center
>directx
>exchange
>iis
i could probably name more but that is just off the top of my head.
>>55015798
oh yeah and dynamics which is fucking massive just on its own.
>>55015798
>osx
Jobs' company did it, not Apple.
>>55015888
you literally had to write "pacman" instead of "package manager". Why not change "linux" to "arch linux" you i686/AMDx64 faggot
>>55015934
>Prajeet trying to talk tech
>>55015192
>how to prevent gnu/linux from updating:
just don't run pacman
>how to prevent windows 7 from """""updating""""" to windows 10:
....
>>55013384
The exploit probably has to do with the fact that the Windowing System in Window is running at the kernel level
https://en.wikipedia.org/wiki/Architecture_of_Windows_NT
>>55015959
>>55015951
go fix your xorg.conf and never come back pls.
>>55015591
related.
Linux is great but we dont need arch autism.
>>55015998
Go reinstall your malware infected wangblows and never come back from /v/
>>55015167
CS6 works fine for me under wine although CC is buggy.
>>55016023
arch people dont realize there are other linux users on earth i guess. Or are we using babbies distros that work and have installers to save time instead of promoting manual labor of typing every mount point/locale/timezone so we are not linux users ?
>>55016104
>What is the architect installer
Also, what's your point?
>>55016139
its unofficial buggy shit.
My point is using cfdisk or whatever you use+mkfs+mount + running pacstrap /mnt base is not a sign of elitism ,its autism that retarded people promote. If it really was KISS it would be automated. Installing arch is like calculating shit on a calculator and then inserting it into a spreadsheet. All non autistic people use debian sid minimal if they want to build a rolling system from base up with vanilla packages.
>>55016245
>Buggy
What bug did you see?
>it would be automated
It is. Gentoo is manual to some extent.
>>55016104
The thing about arch users is that they only have to install arch once every five years when they buy a new machine. Ubuntu users need to reinstall every 6 months so it's understandable that they think that installing should take less than 15 minutes (which is how long it takes to install arch.)
>>55013384
>win32 scroll bar exploit
who would pay for a publicly known exploit?
>>55016333
Oh also that.
Can't wait to get the distro broken at each update
>>55016333
>Ubuntu users need to reinstall every 6 months
How come?
>>55016479
From what I hear Ubuntu still regularly breaks every update. That was also my experience when I used it back in 04.
>>55016479
http://fridge.ubuntu.com/2015/07/03/ubuntu-14-10-utopic-unicorn-reaches-end-of-life-on-july-23-2015/
>>55016296
well lets see ,install gnome with it and have to fix fonts and icons because they are not appearing, also usual nvidia/xorg.conf shit
also gentoo is manual because you can install it on more than two architectures , and you can optimize it/configure it for very specific need, while arch is well a normal distro with autism behind it.
>>55016333
>Using ubuntu as an example
you can do better. Also any other linux can be installed in 15 minutes, with an exception of maybe opensuse or debian netinst when you install gnome3/kde. And you dont have to fuck around with configs , unless you want to (yes you can configure shit like on arch on other distros as well, with the difference that arch makes you do it) Arch offers no real advantages over other oses and forces you to do extra work for nothing.
>>55016493
Major updates is 14-15 or the package updates?
>>55016514
Hm, I never had to configure anything on my system to get it working. But if you're using nvidia then it makes sense that you have to work more since nvidia doesn't really have open drivers. I just use intel graphics so there is no problem there.
>>55016540
Updates between major releases.
>>55016514
>install gnome with it
GNOME comes with Cantrell font pre configured. I personally use KDE but you dont even need to do anything with icon cache because adwaita generally works ootb
>>55016479
they think anyone actually uses short term "testing" releases for anything other than gaming/benchmarking/checking out whats new. Ubuntu is a "special" case distro and you should really compare to debian instead, a place where people dont introduce broken packages in order to fit into .04 and .10 schedule. Also where all main packages get security updates. And also any Fedora release is better at being short term than ubuntu.
>>55013384
microsoft has most probably already bought it for much more than that. or the US government has bought it.
>>55013384
>The listing for the exploit describes itself as an “exploit for local privilege escalation (LPE) for a 0day vulnerability in win32k.sys. The vulnerability exists in the incorrect handling of window objects, which have certain properties, and [the vulnerability] exists in all OS [versions], starting from Windows 2000,” according to the seller.
Its scrollbars in kernel all over again
>>55016585
Except nobody bought it in the first week and they brought the price down $5K.
>>55016591
>Its scrollbars in kernel all over again
¿Que?
>>55016556
its not that i didnt have font config, its that every menu looked like ??????????????????? and there was no icons for anything, so blank windows with ??????????????????? everywhere. reinstalling gnome in tty fixed it but it just proves that there was something wrong with architect at the moment.
>>55016555
really now , you never had to configure a mirrolist back in the day (from what i know now its not needed), never had to set locale/terminal fonts to display your language specific characters? never had to manually mount partitions you made and generate fstab while installing? i mean you made the partitions , mounted them and you need to generate fstab because the stupid thing cannot be automated. Its needless manual labor. It may give you some choice on what to use, bootloader , network manager , stuff like that, but why do you have to manually configure your ethernet connection after installation when it works on the installer automatically? its just adding needless extra steps in order to maintain "elitist" status while actually its all simple but needs manual labor.
>>55016716
Configuring mirrorlist is optional and you only need one nearest mirror.
Also who the fuck uses anything but English in their OS?
Why would hackers waste a 90K zero day on some plebians computer ?
They will use it to hack into a larger network of computers to steal data from there.
If linux were to have a larger market share they would be more exploits for it too
>>55016690
>sell it to one person
>said person keeps it a secret because of how critical it is and they want to craft an exploit
>use this to your advantage to keep reselling it to different people who all keep quiet
>profit
>>55016700
Windows renders both fonts and even scrollbars inside the kernel, and this has been used in exploits to completely take over.
>>55016743
linux might even be a more attractive target considering all the servers that run on it. You crack open one windows PC and you get some random faggot. Crack open a server running linux and you get your foot in the door for potentially thousands of people.
>>55016794
>Crack open a server running linux and you get your foot in the door for potentially thousands of random faggots
*ftfy*
>>55016763
It also runs the windowing system inside the kernel too, what the fuck are Windows NT devs doing?
>>55016732
well non-native english speakers who have family that doesnt speak english for example. Or who work faster when using their language. Literally more than 90% of people i know. Back in the day i remember having to configure mirrorlists was mandatory in order to install the system. Maybe something was fucked up with the mirrors or i used an old iso (it was more than 6 years ago) but im sure i had to do it or it wouldnt install.
>>55016794
I think you're forgetting that this 0 day also affects Windows Server, Active Directory and Exchange are serious business
>>55016901
thanks anon, can't believe I missed that.
>>55016916
They're serious business, yeah. But AD and all that are usually used internally, kept away from outside access, right?
>>55016931
Not unless the business happens to be using Azure for it, which is entirely "cloud" based, but that shouldn't matter as you can still break into the network behind a router and access physical AD servers anyway
>>55016906
This plays counter to what I've heard about the NT kernel... I heard that it was actually incredibly modular and well-designed, and stuff like Win32 crap was all cleanly separated from it.
Yes, the Windows APIs are summer internship-tier, but I've always heard the kernel itself was an engineering masterpiece.
>>55016959
I'm going by this diagram:
https://upload.wikimedia.org/wikipedia/commons/5/5d/Windows_2000_architecture.svg
I don't know though, they might have modified that since then, although seeing how modern versions of Windows are incapable of running full interactive text mode and still has to use a full on CMD Window for things like Windows Server Core I'm not so sure.
Wintards will defend ANYTHING
>>55016959
>I've always heard the kernel itself was an engineering masterpiece
>>55016999
>Wintards
Wincucks*
>>55016997
Yeah, I was referencing Windows in more recent years. I have no idea about Windows 2000.
Also, isn't it possible to run Windows Server headless now? I remember being able to download a headless version when I was fucking around with the Windows Server 2016 Technical Preview.
>>55016915
You hadn't set your layout and locale properly. Newfags' remorse
>>55017018
A cuckold is the husband of an adulterous wife. In evolutionary biology, the term is also applied to males who are unwittingly investing parental effort in offspring that are not genetically their own.
This has nothing to do with cuckoldry, no matter how hard you meme.
>>55017019
It is, via Powershell, but Powershell is so famously verbose that I would rather not
>>55017044
Same Anon here, and I use/love PowerShell.
I think it's a pretty fucking great shell, and it was designed by ex-Unix at Microsoft who knew about why Unix-style tooling was so great. And who, unlike most Microsoft culture, understood that less was more, and it wasn't about cramming as many features as they could into it.
You do have a point, because sometimes stuff like "-f" has to be written as "-ErrorAction SilentlyContinue". But I don't mind the extra verbosity because I'm in a Windows environment, and things are different (e.g., object-oriented pipeline, nigga).
Wouldn't want to user PowerShell on Linux though, but for Windows, I think it's been a boon.
>>55014613
Am I supposed to be able to read this shit?
>>55017131
He's just pointing out that the desktop being presented in folder view still shows that there are two objects, which is only true for the actual desktop view.
>>55017106
>Someone who actually enjoys power shell
This just... sounds wrong.
Bittong into one of my two linux distros when i get home
>>55016959
>Engineering masterpiece
>Scroll bars, text, and more all rendered inside the kernel.
Okay, I'm probably (certainly) just retarded, but can someone explain to me what this webm has to do with the exploit described in the article? All I see is a person clicking once on the recycle bin in quick access, then going to the desktop folder to show a directory called "There's nothing here". Where was this showing the attack?
>haha wincucks BTFO forever!
>NO DON'T TALK ABOUT BASH THAT NEVER HAPPENED NO
>>55018804
Hey, OP here. The webm is totally unrelated to the article and the exploit other than both bashing windows.
>>55018870
>GUYS THIS ISN'T THE ONLY EXPLOIT THAT'S BEEN FOUND
>SO DELETE THIS AND FORGET IT EVER HAPPENED
Faggot get off /g/.
>>55016906
Back in NT4 days, they moved parts of User32 and GDI from user mode to kernel mode for performance reasons. And Win95 compatibility
>>55019586
>text
>performance reasons
>>55014689
Maybe next time, champ.
>>55014672
what ff theme anon?
>>55015133
Because intel blocked vt-d in a bunch of their chips for a long while.
>>55020159
^this
it's the reason I still dual boot even though I never actually boot into windows. Still, if I ever feel like a total tard it's there for me.
>>55020159
Great reason to go AMD here. They never held back features.
>>55013384
>https://threatpost.com/windows-zero-day-selling-for-90000/118380/
There is no mention about how this exploit gets actually installed on a machine.
It probably needs physical access to the machine or the user installing some random shit from the internet.
So, meh, nothing interesting. If you're not a literal retard, you'll never get to meet any of these vulnerabilities. These are made to extract money from Microsoft or big companies, they're not targeted at home users. Nobody is interested in cracking your home porn collection and your music folder.
