• Jonathan (unregistered)

    The quality of the support ticket text reminds me of my time working Customer Service for World of Warcraft (even though the article mentions it's probably not that MMORPG).

    On a related note, using anything except Windows built-in Defender for AV is probably needlessly slowing down your computer. I worked out over 20 years ago that all AVs are locked in this arms race where their products are continually updated to make them look like they do more protection than any of their competitors, which includes constant notifications of how "hard" they're working to protect your computer or constant additions of new protection types (even if they offer no practical additional protection, but they're sure as hell slowing down your PC).

    And despite all their seemingly extraordinary efforts, they in all likelihood still won't save you any better from new threats compared to Windows Defender which is as quietly and efficiently as possible doing its thing in the background.

  • (nodebb)

    Well, I never knew that about how the Shell dealt with spaces in path names. Given this mechanism, it seems like among the many WTFs in this story, having a space in the most used directory to contain executables is one.

  • Are you sure? (unregistered)

    Did/does the windows cmd really work that way? I remember pretty well the stupid errors when you forgot to use quotation marks around paths with spaces instead of the program launching. The article states that cmd makes multiple attempts to find the executable when given a command like 'C:\Program Files\id Software\Doom\Doom.exe -nomusic', but that did not and does not happen. It just bails out with the message "'C:\Program' is not recognized as an internal or external command, operable program or batch file.", no matter if the executable actually exists at 'C:\Program Files\id Software\Doom\Doom.exe'.

    That doesn't take away anything from the stupidity of the firewall logic of moving false positively detected malware to the system root, of course.

  • (nodebb)

    IIRC the original article mentions this MMORPG was probably Final Fantasy 11

  • (nodebb) in reply to Are you sure?

    Yup, just take a look at the documentation for the behavior of CreateProcess() when the lpApplicationName parameter is NULL:

    https://learn.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-createprocessa

    In cases where command lines get executed by different users (such as with Windows services), an unquoted command line can sometimes lead to security vulnerability, though often these alleged vulnerabilities require an already-vulnerable system—e.g. writing a new program named Program.exe into the root of the C:\ drive requires Administrator privileges by default. Aaron Margosis wrote a good article on that back in 2014:

    https://learn.microsoft.com/en-us/archive/blogs/aaron_margosis/it-rather-involved-being-on-the-other-side-of-this-airtight-hatchway-unquoted-service-paths
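The lookup order that the CreateProcess() documentation describes for an unquoted command line, turned into an audit over service ImagePath values. This is an added example, not code from the comment above or from Microsoft. The service names and paths are constructed samples, and stopping the walk at the first prefix that ends in `.exe` is a simplifying assumption.

```python
import ntpath

def candidate_paths(command_line):
    """Module paths tried, in order, when lpApplicationName is NULL.

    A quoted module name is used exactly as written. An unquoted one is
    split on spaces and each growing prefix is tried, with ".exe" appended
    when the prefix has no extension.
    """
    cmd = command_line.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return [cmd[1:end] if end > 0 else cmd[1:]]
    tokens = cmd.split(" ")
    candidates = []
    for i in range(1, len(tokens) + 1):
        prefix = " ".join(tokens[:i])
        has_ext = ntpath.splitext(prefix)[1] != ""
        candidates.append(prefix if has_ext else prefix + ".exe")
        # Assumption: the first prefix ending in .exe is the intended
        # binary; everything after it is treated as arguments.
        if prefix.lower().endswith(".exe"):
            break
    return candidates

def audit_services(image_paths):
    """Map service name -> earlier paths that would be tried before the
    intended binary. Each one should not exist, and its parent directory
    should not be writable by non-administrators."""
    findings = {}
    for name, image_path in image_paths.items():
        candidates = candidate_paths(image_path)
        if len(candidates) > 1:
            findings[name] = candidates[:-1]
    return findings

# Constructed sample ImagePath values (not taken from a real system).
SAMPLE_SERVICES = {
    "QuotedAgent": r'"C:\Program Files\Vendor X\agent.exe" --service',
    "UnquotedAgent": r"C:\Program Files\Vendor X\agent.exe --service",
    "SvcHost": r"C:\Windows\system32\svchost.exe -k netsvcs",
}

if __name__ == "__main__":
    for service, paths in audit_services(SAMPLE_SERVICES).items():
        print(service, "->", paths)
```

The fix for a flagged service is to quote the executable path in its ImagePath value.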

  • (nodebb) in reply to Are you sure?

    Did/does the windows cmd really work that way?

    I don't think so. I think that cmd (and command.com if you're on 32-bit Windows 10 or earlier (32-bit Windows 11 is not a thing)) just looks down the %PATH% for the first space-delimited word in your command, and passes that as the application-name parameter to CreateProcess(). That in turn disables the "search for stupidities" thing, and I believe it can be overridden by quotes. (Whence the habit of (Windows) Explorer and the console window that if you drop a file/folder whose name includes spaces into a console window, it gets quotes around it.)

    That doesn't take away anything from the stupidity of the firewall logic of moving false positively detected malware to the system root, of course.

    Nothing can take away anything from that form of stupidity, ever. It's on the edge of inexcusable. Um, the far edge, on the boundary between "merely" inexcusable and "deserving of immediate and permanent chastisement with a non-memic GAU-8".

  • (nodebb)

    Sure sounds like a story from the Win95 days, not from the 2020s.

    But I was devving back then and I agree that neither DOS Command.com, nor Windows Cmd.exe ever did the delimiter slice thing on the application path parameter.

    Now what was common was installers adding "C:\Program Files\companyX\productY" to the $PATH variable. To make it "easy" for shortcuts or command scripts to find their app: "just type the short easy human-sensible app name". Which led to all sorts of stupidity once badly done installers had added C:, C:\Program, and C:\Program Files to the path, and there were twelve game.exe or main.exe files in various folders. As each customer had a unique path due to the order in which they installed their various apps, figuring out WTF was going on wasn't always easy.

  • oh no (unregistered) in reply to Jonathan

    On a related note, using anything except Windows built-in Defender for AV is probably needlessly slowing down your computer. I worked out over 20 years ago that all AVs are locked in this arms race where their products are continually updated to make them look like they do more protection than any of their competitors, which includes constant notifications of how "hard" they're working to protect your computer or constant additions of new protection types (even if they offer no practical additional protection, but they're sure as hell slowing down your PC).

    To drive off even further on that tangent, this also applies to corporate monitoring software. It's a constant bombardment of nonsense "upgrades", so that corporate IT ghouls can put ever larger numbers on spreadsheets for their boss.
