Bugtraq mailing list archives
RE: Next generation malware: Windows Vista's gadget API
From: "avivra" <avivra () gmail com>
Date: Sat, 15 Sep 2007 03:09:28 +0300
Great overview, Todd! I've just wanted to mention that MS downplayed the vulnerabilities I've found in Vista's Sidebar gadgets. In my blog post (http://aviv.raffon.net/2007/08/16/VistaGadgetsGoneWild.aspx), I've demonstrated a scenario where a worm can be propagated by exploiting the vulnerability in the RSS feeds gadget. I don't understand why Microsoft rated this vulnerability as important, instead of critical. --Aviv. -----Original Message----- From: Todd Manning [mailto:sflist () digitaloffense net] Sent: Thursday, September 13, 2007 8:47 PM To: bugtraq () securityfocus com Subject: Re: Next generation malware: Windows Vista's gadget API On Sep 13, 2007, at 04:16 AM, Tim Brown wrote:
A paper has just been released on the Windows Vista's gadget API. The abstract is as follows: Windows has had the ability to embed HTML into it's user interface for many years. Right back to and including Windows NT 4.0, it has been possible to embed HTML into the task bar, but the OS has always maintained a sandbox, from which the HTML has been unable to escape. All this changes with Windows Vista. This paper seeks to inform system administrators, users and the wider community on both potential attack vectors using gadgets and the mitigations provided by Windows Vista. The full paper can be found at http://www.portcullis-security.com/ 165.php.
Good paper; Since this is out there I figure I'll forward the much shorter article I wrote that details an attack against the contact gadget, which was patched last month. https://strikecenter.bpointsys.com/articles/2007/08/26/vista-gadget- patches-in-ms07-048
Current thread:
- Next generation malware: Windows Vista's gadget API Tim Brown (Sep 13)
- Re: Next generation malware: Windows Vista's gadget API Todd Manning (Sep 13)
- RE: Next generation malware: Windows Vista's gadget API avivra (Sep 17)
- RE: Next generation malware: Windows Vista's gadget API Roger A. Grimes (Sep 14)
- RE: Next generation malware: Windows Vista's gadget API Peter Gutmann (Sep 17)
- Re: Next generation malware: Windows Vista's gadget API Tim Brown (Sep 17)
- Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API Thierry Zoller (Sep 17)
- Re: [Full-disclosure] Next generation malware: Windows Vista's gadget API Tim Brown (Sep 17)
- RE: [Full-disclosure] Next generation malware: Windows Vista's gadget API Strykar (Sep 19)
- Re: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API Peter Gutmann (Sep 17)
- RE: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API Roger A. Grimes (Sep 17)
- Re: [Full-disclosure] Next generation malware: Windows Vista's gadget API Tim Brown (Sep 17)
- RE: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API Peter Gutmann (Sep 18)
- RE: Next generation malware: Windows Vista's gadget API Peter Gutmann (Sep 17)
- Re: Next generation malware: Windows Vista's gadget API Todd Manning (Sep 13)