Christopher Budd's response to criticism of the MS08-068 patch has been welcomed.

Eric Schultze, CTO at Shavlik, said that he was very happy with the response and with Microsoft's actions, but that one problem has still been left unaddressed.

Schultze said: “I think he was spot on with his response; he was trying to push this thing through. But my issue with this is that I was working there back in 2001, and we tried to get it fixed, but the Budd office told me that they couldn't.

“Christopher said that they knew about it, and that if they tried to address and patch it then they could break things; they then said that they didn't know how to fix it.

“I guess this began again about a year ago, when they tried again to fix it, having realised that they had the capability to do so. Microsoft discovered a way to make their fix work, but my concern is that because they couldn't fix it back in 2001, computers have been sitting vulnerable for over seven years.

“However, I can see that there is still one weakness in the overall protocol which they may not be able to fix. Typically an SMBRelay works by me logging on to a machine that has come to my website. A vulnerability still exists when a user comes to my website, and although I can't access that machine, I can access any other machine that is networked to it.

“Microsoft has looked at the packet, and the variant that still works will mean that machines will still be vulnerable. I believe that the only way to fix this is to use SMB signing, which Budd did not discount.”
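The mitigation Schultze names, SMB signing, only blocks a relay when signing is *required* rather than merely enabled, since a peer that does not ask for signing is otherwise still accepted. The PowerShell below is an added example for administrators, not code from the article, from Shavlik or from Microsoft; it audits the standard LanmanServer and LanmanWorkstation registry parameters on the local host (an absent value is treated as "not required", which matches the Windows default of 0) and offers an opt-in function that sets `RequireSecuritySignature` to 1. Assumed: the script runs with administrative rights, and the operator accepts that requiring signing cuts off clients that cannot sign.

```powershell
# Added example (not from the article): audit whether SMB signing is *required*
# on this host, for both the server (inbound SMB) and workstation (outbound SMB) side.
# Assumes the standard LanmanServer / LanmanWorkstation registry parameters.
$SmbRoles = @(
    @{ Role = 'Server (inbound SMB)';       Path = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters' },
    @{ Role = 'Workstation (outbound SMB)'; Path = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters' }
)

function Get-SmbSigningValue {
    param([string]$Path, [string]$Name)
    # Returns the DWORD, or $null when the value is absent (Windows default applies).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return [int]$item.$Name
}

function Get-SmbSigningStatus {
    # One row per role: the raw values plus a verdict a defender can act on.
    foreach ($r in $SmbRoles) {
        $require = Get-SmbSigningValue -Path $r.Path -Name 'RequireSecuritySignature'
        $enable  = Get-SmbSigningValue -Path $r.Path -Name 'EnableSecuritySignature'
        $verdict = if ($require -eq 1) {
            'REQUIRED: unsigned sessions are refused, so a relayed session is rejected'
        } elseif ($enable -eq 1) {
            'NEGOTIATED ONLY: signing is used only if the peer asks for it; relay is not prevented'
        } else {
            'NOT ENFORCED: signing is neither required nor offered'
        }
        [pscustomobject]@{
            Role                     = $r.Role
            RequireSecuritySignature = $require   # $null => value absent, default 0
            EnableSecuritySignature  = $enable    # $null => value absent, default varies by role
            Verdict                  = $verdict
        }
    }
}

function Set-SmbSigningRequired {
    # Opt-in hardening: require signing on both sides. Needs admin rights; the
    # change takes effect for new sessions after the Server / Workstation services
    # are restarted (or after a reboot). Clients that cannot sign will no longer connect.
    [CmdletBinding(SupportsShouldProcess = $true)]
    param()
    foreach ($r in $SmbRoles) {
        if ($PSCmdlet.ShouldProcess($r.Path, 'Set RequireSecuritySignature=1 and EnableSecuritySignature=1')) {
            Set-ItemProperty -Path $r.Path -Name 'EnableSecuritySignature'  -Value 1 -Type DWord
            Set-ItemProperty -Path $r.Path -Name 'RequireSecuritySignature' -Value 1 -Type DWord
        }
    }
}

# Audit only; run `Set-SmbSigningRequired -WhatIf` to preview the hardening change.
Get-SmbSigningStatus | Format-Table -AutoSize
```

Run the audit across a fleet (for example via `Invoke-Command`) and treat any "NEGOTIATED ONLY" or "NOT ENFORCED" row as a host that a relayed authentication could still reach; `Set-SmbSigningRequired` supports `-WhatIf` so the change can be reviewed before it is applied.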