Full Disclosure mailing list archives

Re: Microsoft's Binary Planting Clean-Up Mission

From: adam <adam () papsy net>
Date: Thu, 15 Sep 2011 16:25:56 -0500

Plus: pretending that you're on the same page as Microsoft (from a security
standpoint) to further your own argument is more damaging than it is
beneficial. The entire "binary planting" concept was flawed from the very
beginning. If you can drop a binary file on a user's machine - make it an
executable and be done with it. There's nothing fancy or innovative about
forcing applications to use specific DLLs - script kiddies have been doing
it for over 10 years to inject custom code in multiplayer games.

On Thu, Sep 15, 2011 at 3:59 PM, Thor (Hammer of God)
<thor () hammerofgod com>wrote:

I'm curious.  Who is your contact at MSFT?  Who is it that has told you
they have a "Binary Planting Clean-up Mission" and where do they mention you
as having anything to do with it?

If you are going to claim MSFT's actions as substantive to your agenda, how
about provide some details?

t

-----Original Message-----
From: ACROS Security Lists [mailto:lists () acros si]
Sent: Thursday, September 15, 2011 1:41 PM
To: 'Christian Sciberras'
Cc: Thor (Hammer of God); full-disclosure () lists grok org uk;
bugtraq () securityfocus com
Subject: RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up

Mission


Hey Chris,

I bet Microsoft actually like stating they just fixed yet another
severe bug.
Zero-day fixing is big business, you know....even if "zero"
is past a few "days".


I don't think Microsoft gains much from being able to say they fixed yet
another bug
- maybe if it were a bug they found internally and fixed proactively, but

not

like this. And I'm sure they'd rather be doing something else than

fixing:

fixing a product costs a lot, and it generates no revenue.

Cheers,
Mitja


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists (Sep 15)
- Re: Microsoft's Binary Planting Clean-Up Mission Thor (Hammer of God) (Sep 15)
  - Re: Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists (Sep 15)
    - Re: Microsoft's Binary Planting Clean-Up Mission Christian Sciberras (Sep 15)
    - Re: Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists (Sep 15)
    - Re: Microsoft's Binary Planting Clean-Up Mission Thor (Hammer of God) (Sep 15)
    - Re: Microsoft's Binary Planting Clean-Up Mission adam (Sep 15)
    - Re: Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists (Sep 15)
    - Re: Microsoft's Binary Planting Clean-Up Mission adam (Sep 15)
    - Re: Microsoft's Binary Planting Clean-Up Mission Michael Schmidt (Sep 16)
    - Re: Microsoft's Binary Planting Clean-Up Mission Jeffrey Walton (Sep 16)
    - Re: Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists (Sep 15)
    - Re: Microsoft's Binary Planting Clean-Up Mission Mikhail A. Utin (Sep 16)
    - Re: Microsoft's Binary Planting Clean-Up Mission Pedro B (Sep 16)
    - Re: Microsoft's Binary Planting Clean-Up Mission ACROS Security Lists (Sep 16)
  - Re: Microsoft's Binary Planting Clean-Up Mission Stefan Kanthak (Sep 16)
- Re: Microsoft's Binary Planting Clean-Up Mission paul . szabo (Sep 15)

(Thread continues...)