funsec mailing list archives
RE: Re: Image-handling flaws put Windows PCs at risk
From: "Wolfe, James M" <james.m.wolfe () lmco com>
Date: Thu, 10 Nov 2005 09:06:12 -0500
Actually, I just wrote a small executable that changed the registry to open certain file types in Notepad as someone mentioned earlier. It isn't so much a matter of reading the documentation or even removing those that you don't want as it is removing crap that you don't need. I've told Microsoft many times that ANYTIME one of their developers stands up in a meeting and says "wouldn't it be cool if" they should be forcibly removed from the premises after being smacked around a bit. :-D Regards, James -----Original Message----- From: James Eaton-Lee [mailto:james.mailing () gmail com] Sent: Thursday, November 10, 2005 7:03 AM To: Barrie Dempster Cc: Wolfe, James M; funsec () linuxbox org Subject: RE: [funsec] Re: Image-handling flaws put Windows PCs at risk
As a corollary to this, as well as disabling WFS and removing the file
altogether, it would also have been relatively >simple to add an 'everyone deny' permission to this file in order to prevent it from being used - although I'm not sure >quite what this particular file might break if removed (or ACL'd), I've used this on DLLs in the past quite successfully >where removal of the file hasn't been appropriate (or where it's been a temporary measure)
Using file permissions would also have let you deploy this via group
policy (or as a security policy, since you seem to >prefer NT) to a large number of machines with ease (Computer Configuration/Windows Settings/Security Settings/File System >in the Group Policy tree) - not so much a case of "So much for being able to remove features that you don't want." as "So >much for reading the manual". :P
- James.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Image-handling flaws put Windows PCs at risk Richard M. Smith (Nov 08)
- Re: Re: Image-handling flaws put Windows PCs at risk Jeff Rosowski (Nov 08)
- <Possible follow-ups>
- RE: Re: Image-handling flaws put Windows PCs at risk Wolfe, James M (Nov 09)
- RE: Re: Image-handling flaws put Windows PCs at risk Richard M. Smith (Nov 09)
- RE: Re: Image-handling flaws put Windows PCs at risk Barrie Dempster (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk James Eaton-Lee (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk Wolfe, James M (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk Barrie Dempster (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk Drsolly (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk James Eaton-Lee (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk Drsolly (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk Barrie Dempster (Nov 10)