CTF, a little-known Microsoft protocol used by all Windows operating system versions since Windows XP, is insecure and can be exploited with ease. According to Tavis Ormandy, a security researcher with Google’s Project Zero elite security team and the one who discovered the buggy protocol, hackers or malware that already have a foothold on a user’s computer can use the protocol to take over any app, high-privileged applications, or the entire OS, as a whole. Currently, there are no patches for these bugs, and a quick fix isn’t expected, as the vulnerabilities are deeply ingrained in the protocol and its design. What is CTF? What CTF stands is currently unknown. Even Ormandy, a well-known security researchers wasn’t able to find what it means in all of Microsoft documentation. What Ormandy found out was that CTF is part of of the Windows Text Services Framework (TSF), the system that manages the text shown inside Windows and Windows applications. When users start an app, Windows also starts a CTF client for that app. The CTF client receives instructions from a CTF server about the OS system language and the keyboard input methods. If the OS input method changes from one language to another, then the CTF server notifies all CTF clients, who then change the language in each Windows app accordingly, and in real-time. CTF, the gateway to… everything What Ormandy discovered is that the communications between CTF clients and the CTF servers aren’t properly authenticated or secured. “There is no access… [Read full story]
ZDNet is a business technology news website published by CBS Interactive, along with TechRepublic. The brand was founded on April 1, 1991, as a general interest technology portal from Ziff Davis and evolved into an enterprise IT-focused online publication owned by CNET Networks.