Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Microsoft's Binary Planting Clean-Up Mission

From: Christian Sciberras <uuf6429 () gmail com>
Date: Thu, 15 Sep 2011 22:18:09 +0200
I bet Microsoft actually like stating they just fixed yet another severe
bug.
Zero-day fixing is big business, you know....even if "zero" is past a few
"days".

Then again, I just happen to share Thor's point of view.

Cheers,
Chris.





On Thu, Sep 15, 2011 at 9:54 PM, ACROS Security Lists <lists () acros si>wrote:


Hi Thor,

Thank you very much for sharing your point of view. If Microsoft thought
the same
though, they probably wouldn't be fixing these bugs. I suppose they don't
"understand
what security really is" the same way we don't. ;-)

Regards,
Mitja




-----Original Message-----
From: Thor (Hammer of God) [mailto:thor () hammerofgod com]
Sent: Thursday, September 15, 2011 6:11 PM
To: security () acrossecurity com; bugtraq () securityfocus com;
full-disclosure () lists grok org uk; cert () cert org; si-cert () arnes si
Subject: RE: [Full-disclosure] Microsoft's Binary Planting
Clean-Up Mission

From your blog:

"While we know there's still a lot of cleaning up to do in
their binary planting closet, our research-oriented minds
remain challenged to find new ways of exploiting these
critical bugs and bypassing new and old countermeasures. In
the end, it was our research that got the ball rolling and it
would be a missed opportunity for everyone's security if we
didn't leverage the current momentum and keep researching. "

I would change that around a bit.  I would say "our
self-serving and marketing-oriented minds remain challenged
to understand what security really is, but regardless,
continue to find ways of trying to convince people this
represents an actual security threat. In the end, it was our
research that falsely created security concerns and confusion
where time was better spent really doing just about anything
else, but it would have been a missed opportunity to get our
names in the media to sell our security services."

 t


-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure- bounces () lists grok org uk] On

Behalf Of ACROS

Security Lists
Sent: Thursday, September 15, 2011 3:05 AM
To: bugtraq () securityfocus com; full-disclosure () lists grok org uk;
cert () cert org; si-cert () arnes si
Subject: [Full-disclosure] Microsoft's Binary Planting

Clean-Up Mission



Our new blog post describes some recent changes Microsoft

introduced to

fight against binary planting exploits. The most recent

change was the

removal of a vulnerable COM server on Windows XP which we

used in our

proof of concept at Hack In The Box Amsterdam in May.

Read the post to find out what else is hiding in the "COM

server binary

planting"
closet and what to do to get our PoC back to life.

http://blog.acrossecurity.com/2011/09/microsofts-binary-plant

ing-clean-

up.html

or

http://bit.ly/qWyKph

Enjoy the reading!


Mitja Kolsek
CEO&CTO

ACROS, d.o.o.
Makedonska ulica 113
SI - 2000 Maribor, Slovenia
tel: +386 2 3000 280
fax: +386 2 3000 282
web: http://www.acrossecurity.com
blg: http://blog.acrossecurity.com

ACROS Security: Finding Your Digital Vulnerabilities Before Others Do


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: