Re: Microsoft's Binary Planting Clean-Up Mission

["Mikhail A. Utin" <mutin () commonwealthcare org>]

Mitja,
You, unfortunately, did not get it. It is not about Microsoft, it is about you guys who do not make things better but 
put all you mind in doing things worse. Use common sense in whatever you do. Innovating hacks beyond and above "black 
hats" does not really help people being more secure.

Mikhail A. Utin, CISSP
Information Security Analyst


-----Original Message-----
From: ACROS Security Lists [mailto:lists () acros si] 
Sent: Thursday, September 15, 2011 3:54 PM
To: 'Thor (Hammer of God)'
Cc: bugtraq () securityfocus com; full-disclosure () lists grok org uk
Subject: RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission

Hi Thor,

Thank you very much for sharing your point of view. If Microsoft thought the same though, they probably wouldn't be 
fixing these bugs. I suppose they don't "understand what security really is" the same way we don't. ;-)

Regards,
Mitja

 

> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor () hammerofgod com]
> Sent: Thursday, September 15, 2011 6:11 PM
> To: security () acrossecurity com; bugtraq () securityfocus com; 
> full-disclosure () lists grok org uk; cert () cert org; si-cert () arnes si
> Subject: RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up 
> Mission
>
> From your blog:
>
> "While we know there's still a lot of cleaning up to do in their 
> binary planting closet, our research-oriented minds remain challenged 
> to find new ways of exploiting these critical bugs and bypassing new 
> and old countermeasures. In the end, it was our research that got the 
> ball rolling and it would be a missed opportunity for everyone's 
> security if we didn't leverage the current momentum and keep 
> researching. "
>
> I would change that around a bit.  I would say "our self-serving and 
> marketing-oriented minds remain challenged to understand what security 
> really is, but regardless, continue to find ways of trying to convince 
> people this represents an actual security threat. In the end, it was 
> our research that falsely created security concerns and confusion 
> where time was better spent really doing just about anything else, but 
> it would have been a missed opportunity to get our names in the media 
> to sell our security services."
>
>  t
>
> > -----Original Message-----
> > From: full-disclosure-bounces () lists grok org uk
> > [mailto:full-disclosure- bounces () lists grok org uk] On
> Behalf Of ACROS
> > Security Lists
> > Sent: Thursday, September 15, 2011 3:05 AM
> > To: bugtraq () securityfocus com; full-disclosure () lists grok org uk;
> > cert () cert org; si-cert () arnes si
> > Subject: [Full-disclosure] Microsoft's Binary Planting
> Clean-Up Mission
> > Our new blog post describes some recent changes Microsoft
> introduced to
> > fight against binary planting exploits. The most recent
> change was the
> > removal of a vulnerable COM server on Windows XP which we
> used in our
> > proof of concept at Hack In The Box Amsterdam in May.
> >
> > Read the post to find out what else is hiding in the "COM
> server binary
> > planting"
> > closet and what to do to get our PoC back to life.
> >
> > http://blog.acrossecurity.com/2011/09/microsofts-binary-plant
> ing-clean-
> > up.html
> >
> > or
> >
> > http://bit.ly/qWyKph
> >
> > Enjoy the reading!
> >
> >
> > Mitja Kolsek
> > CEO&CTO
> >
> > ACROS, d.o.o.
> > Makedonska ulica 113
> > SI - 2000 Maribor, Slovenia
> > tel: +386 2 3000 280
> > fax: +386 2 3000 282
> > web: http://www.acrossecurity.com
> > blg: http://blog.acrossecurity.com
> >
> > ACROS Security: Finding Your Digital Vulnerabilities Before Others Do
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/

CONFIDENTIALITY NOTICE: This email communication and any attachments may contain confidential 
and privileged information for the use of the designated recipients named above. If you are 
not the intended recipient, you are hereby notified that you have received this communication 
in error and that any review, disclosure, dissemination, distribution or copying of it or its 
contents is prohibited. If you have received this communication in error, please reply to the 
sender immediately or by telephone at (617) 426-0600 and destroy all copies of this communication 
and any attachments. For further information regarding Commonwealth Care Alliance's privacy policy, 
please visit our Internet web site at http://www.commonwealthcare.org.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/