Full Disclosure mailing list archives

Re: verizon vs m$

From: Larry Seltzer <larry () larryseltzer com>
Date: Sun, 5 Dec 2010 21:05:26 -0500

I think the Intranet zone was Medium in IE6 but of course there was no
Protected Mode there. Maybe that's where the confusion is from.

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Thor
(Hammer of God)
Sent: Sunday, December 05, 2010 8:50 PM
To: Georgi Guninski; full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] verizon vs m$

I don't understand how Dan arrived at "Researchers bypass Internet
Explorer Protected Mode" for the article title.  Protected Mode isn't
being bypassed at all - the "researchers that figured out a reliable way
to bypass the measure" apparently just noticed that Protected Mode is
disabled by default in the Local Intranet Zone.

Is this something you are concerned about?  This would obviously only be
exploitable by accessing sites on one's own intranet by specifically using
intranet nomenclature (and trusted sites, but the user has to add those).
Also, the article (or the researchers) are incorrect about the default
settings for the Intranet zone - it's Medium-low, not Medium.   If the
problem one is trying to fix is based on attackers compromising intranet
sites and then posting code for unpatched vulnerabilities that would still
end up only running in the user context, then you've got much bigger
problems, no?

I'm just wondering why you are brining attention to the article, or
really, why it was written in the first place.

t

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Georgi
Guninski
Sent: Sunday, December 05, 2010 1:26 PM
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] verizon vs m$

in a world like this, verizon kills exploder bugs:

http://www.theregister.co.uk/2010/12/03/protected_mode_bypass/
http://www.verizonbusiness.com/resources/whitepapers/wp_escapingmicrosoftp
rotectedmodeinternetexplorer_en_xg.pdf

the language doesn't seem passionate:
-----
Finally, Microsoft and other software vendors should clearly document
which features do and do not have associated security claims. Clearly
stating which features make security claims, and which do not, will allow
informed decisions to be made on IT security issues.
-----

lol

--
joro

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

verizon vs m$ Georgi Guninski (Dec 05)
- Re: verizon vs m$ Thor (Hammer of God) (Dec 05)
  - Re: verizon vs m$ Larry Seltzer (Dec 05)
  - Re: verizon vs m$ Georgi Guninski (Dec 06)
  - Re: verizon vs m$ Ven Ted (Dec 06)
    - Re: verizon vs m$ Thor (Hammer of God) (Dec 06)
    - Re: verizon vs m$ John Lightfoot (Dec 06)
    - Message not available
    - Fwd: verizon vs m$ Ven Ted (Dec 06)
    - Re: Fwd: verizon vs m$ Thor (Hammer of God) (Dec 06)
- Re: verizon vs m$ Dan Kaminsky (Dec 06)
  - Re: verizon vs m$ Thor (Hammer of God) (Dec 06)
    - Re: verizon vs m$ Dan Kaminsky (Dec 06)
    - Re: verizon vs m$ Thor (Hammer of God) (Dec 06)

(Thread continues...)