Bugtraq mailing list archives
RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
From: "ACROS Security Lists" <lists () acros si>
Date: Fri, 16 Sep 2011 00:05:06 +0200
Hi Adam, I'm afraid you don't fully understand the issue. This is not about placing your own DLL on a local machine so that a chosen application will load it (i.e., user "attacking" an application on his own computer). It is about an application running on your computer silently grabbing a malicious DLL from attacker-controlled location - possibly on a remote share - and executing its code (i.e., attacker with zero privileges on user's computer executing code on that computer). I hope this helps a little. Cheers, Mitja
-----Original Message----- From: iarethebest () gmail com [mailto:iarethebest () gmail com] On Behalf Of adam Sent: Thursday, September 15, 2011 11:26 PM To: Thor (Hammer of God) Cc: security () acrossecurity com; Christian Sciberras; full-disclosure () lists grok org uk; bugtraq () securityfocus com Subject: Re: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission Plus: pretending that you're on the same page as Microsoft (from a security standpoint) to further your own argument is more damaging than it is beneficial. The entire "binary planting" concept was flawed from the very beginning. If you can drop a binary file on a user's machine - make it an executable and be done with it. There's nothing fancy or innovative about forcing applications to use specific DLLs - script kiddies have been doing it for over 10 years to inject custom code in multiplayer games. On Thu, Sep 15, 2011 at 3:59 PM, Thor (Hammer of God) <thor () hammerofgod com> wrote: I'm curious. Who is your contact at MSFT? Who is it that has told you they have a "Binary Planting Clean-up Mission" and where do they mention you as having anything to do with it? If you are going to claim MSFT's actions as substantive to your agenda, how about provide some details? t > -----Original Message----- > From: ACROS Security Lists [mailto:lists () acros si] > Sent: Thursday, September 15, 2011 1:41 PM > To: 'Christian Sciberras' > Cc: Thor (Hammer of God); full-disclosure () lists grok org uk; > bugtraq () securityfocus com > Subject: RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission > > Hey Chris, > > > I bet Microsoft actually like stating they just fixed yet another > > severe bug. > > Zero-day fixing is big business, you know....even if "zero" > > is past a few "days". > > I don't think Microsoft gains much from being able to say they fixed yet > another bug > - maybe if it were a bug they found internally and fixed proactively, but not > like this. And I'm sure they'd rather be doing something else than fixing: > fixing a product costs a lot, and it generates no revenue. > > Cheers, > Mitja _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists (Sep 15)
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission Thor (Hammer of God) (Sep 16)
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists (Sep 16)
- Message not available
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists (Sep 16)
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission Thor (Hammer of God) (Sep 16)
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists (Sep 16)
- Message not available
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists (Sep 16)
- Message not available
- Message not available
- Re: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission Jeffrey Walton (Sep 16)
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists (Sep 16)
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission Thor (Hammer of God) (Sep 16)