Full Disclosure mailing list archives
Re: Next generation malware: Windows Vista's gadget API
From: Tim Brown <tmb () 65535 com>
Date: Mon, 17 Sep 2007 13:43:35 +0100
On Monday 17 September 2007 13:26:36 Roger A. Grimes wrote:
I'm sorry, we'll have to agree to disagree. I don't see the new attack vector here. I, the attacker, have to make you download my malicious trojan program, which you install on your computer.
Irrespective of the rest of what Roger says (which I agree with FTR), this bit is simply wrong. Look at the PoC that has been made public: https://strikecenter.bpointsys.com/articles/2007/08/26/vista-gadget-patches-in-ms07-048 It's not (just) about downloading malware gadgets. It's about exploiting vulnerabilities *in* gadgets (the default gadgets in Vista, in the case of the PoC). Essentially anywhere a gadget calls for example eval() on untrusted data you *may* have a a problem. Tim -- Tim Brown <mailto:tmb () 65535 com> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Next generation malware: Windows Vista's gadget API Tim Brown (Sep 13)
- Re: Next generation malware: Windows Vista's gadget API Todd Manning (Sep 13)
- Message not available
- Re: Next generation malware: Windows Vista's gadget API avivra (Sep 14)
- Re: Next generation malware: Windows Vista's gadget API Roger A. Grimes (Sep 16)
- Re: Next generation malware: Windows Vista's gadget API Peter Gutmann (Sep 16)
- Re: Next generation malware: Windows Vista's gadget API Tim Brown (Sep 15)
- Re: Next generation malware: Windows Vista's gadget API Thierry Zoller (Sep 16)
- Re: Next generation malware: Windows Vista's gadget API Tim Brown (Sep 16)
- Re: Next generation malware: Windows Vista's gadget API Strykar (Sep 17)
- Message not available
- Message not available
- Re: Next generation malware: Windows Vista's gadget API Tim Brown (Sep 17)
- Re: Next generation malware: Windows Vista's gadget API Peter Gutmann (Sep 16)
- Re: Next generation malware: Windows Vista's gadget API Eric Chien (Sep 17)