Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: "windows update activex"

From: Liu Die Yu <liudieyuinchina () yahoo com cn>
Date: Mon, 21 Jul 2003 20:20:26 +0800 (CST)
i haven't tested it yet.

perhaps downgrading will not work - all patches need
to check current version.

i think the weakest point is:
some out-of-date EXE component that is signed by MS
but NOT installed on windows box with default
settings.

and even better:
it doesn't require reboot.

so we don't downgrade windows, we add new functions.
:-)

do you have some EXE like that?
(if so, this kind of attack will SURELY work)

die


 --- Georgi Guninski <guninski () guninski com> 的正文:>
Liu Die Yu wrote:

BUT it's hard for the attacker to execute his EXE.
i've traced into the module("IUENGINE.TEXT").



Has someone tried downgrading windoze by installing
old signed stuff (probably a
very old m$ patch as exe will do, or just some old
signed installer from m$)?
After downgrading, old bugs start working.

georgi



_______________________________________________
Full-Disclosure - We believe in it.
Charter:

http://lists.netsys.com/full-disclosure-charter.html 

_________________________________________________________
Do You Yahoo!? 
国内电邮用户反垃圾调查拉开帷幕
http://cn.rd.yahoo.com/mail_cn/tag/?http://cn.tech.yahoo.com/zhuanti/laji/index.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: