MS10-025

[dave <dave () immunityinc com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

So MS retracted their patch saying "It didn't work". How does that happen in this day
and age? Who reminded them it didn't work? Everyone should have stayed quiet and then
just laughed at them at parties!!!

But we're coming up on the time when all Windows 2000 bugs live forever (like
essentially all Solaris 0days do). Outside my metaphorical window I can see hackers
toasting to the 0days that died in their sleep.

If you're using the CANVAS exploit for Media Services then you get the advantage that
it's been tested on Windows SP0-4 (English only) and also steals the socket. You also
get the advantage that you appear to be doing a penetration test against WINDOWS 2000! :>

- -dave


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkvRuacACgkQtehAhL0gheredACeMQ5CHTD2FZg1emFS0DQmV0UM
WzwAnRpdZZfEJQFPrq5lJ83aUqgY1WqW
=/yqn
-----END PGP SIGNATURE-----
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave