Hacker----Understanding Windows System Vulnerabilities

The Windows system is by far the most frequently used operating system, although its security has increased with the release of the update, but due to human-written reasons for the existence of vulnerabilities and defects. But mircosoft the security of the system by releasing patches to make Windows systems no longer compromised. As a result, users need to understand not only the Windows operating system's vulnerabilities and flaws, but also how to compensate for these vulnerabilities and weaknesses.

Windows System vulnerability, also known as security flaw, is the root cause of threats to Windows system security, once hackers seize these vulnerabilities into the attack, the target computer will be controlled. It is necessary for users to understand the causes and pitfalls of Windows system vulnerabilities.

First, the cause of the vulnerability

There are two main reasons:

• Personal factors
• Hardware factors

1. Human Factors

A vulnerability that a developer of a Windows system causes a system due to a technical defect or a specific purpose . Another situation is that in the process of writing the operating system, programmers in order to facilitate later debugging, often in the program code hidden behind the back door .

2. Hardware factors

a vulnerability in which a system cannot compensate for hardware problems caused by a hardware problem . hardware problems usually include the design flaws and incompatibilities of the hardware itself . When the hardware exists design defects, often through the software display, such as the hardware driver and the system is not compatible with the blue screen, the death of the phenomenon, or due to the assembly machine in the hardware of the incompatibility caused by the BSOD and the freezing phenomenon.

Because the widows system is widely used in personal computers, a large number of intruders will begin to study the potential vulnerabilities of the system. Windows system in Linux and other open source operating system, it is a black-out operation, ordinary users can not get the operating system source code, so security issues are mircosoft responsible.

Second, the security problems in the system

The operating system contains a lot of program code, so there are inevitably some security risks. Common security risks include potential bugs in core code, extension spoofing, device file name problems, large and complex registry, cumbersome system permissions allocation, and design errors.

1. Potential bugs in the core code

For an operating system that contains a lot of code, the potential bugs are proportional to the size of the program. Regardless of Windows XP, Win7, Win8, their core code does not change much, resulting in a new version of Windows operating system that inherits the core code from the older version and also inherits potential bugs.

2. Extension spoofing

　　the Windows operating system does not process files exactly according to their extensions, but rather makes preliminary judgments about the nature of the file based on the file header information . If you rename a file Picture.jpg.exe, replace the space with 255 of the ASCII value, and you can see only the picture.jpg file name in Windows. A malicious attacker could connect the file to an executable file, but other people treat the file as a normal photo file.

3, Equipment files no problem

In a Windows system, a user can access a disk partition by using the word linked . For example, use the \. F "To access the F-drive in such a way. This is because when writing certain programs, the module design is insufficient because of the means used to control access to any drive.

4. Registration Form

The registry is very important to Windows, and the registry is actually a very large database that contains the configuration of applications and computer systems, initialization information for systems and applications, association of application and document files, description of hardware devices, status and attributes, and various status information and data. . Because the registry is too large and complex, it is prone to vulnerabilities and is exploited by others.

5, the System authority allocation cumbersome

Almost every object in the Windows operating system can set permissions , such as registry entries, hardware devices, and so on. Such a large access control list is difficult to audit, so many of these objects are likely to be exploited by hackers as backdoor use.

6. Design Mistakes

There are many errors in the design of the Windows operating system. If there is a conflict between the account lockout and the security design of IIS, once the Account lockout policy is enabled, Iuser_ and Iwan_ can be exhaustive, the two accounts locked, no one can access IIS, so at a very small cost to implement DOS.

Hacker----Understanding Windows System Vulnerabilities