mailing list archives
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Tue, 18 Apr 2006 01:06:22 +0200
On 2006-04-15 Thor (Hammer of God) wrote:
It's a simple method to bypass malicious host file modification.
Make that "pointless method" and it's correct. To modify the hosts file
(or its location) malware would need administrative privileges. With
admin privileges the malware can do whatever it pleases, including but
not limited to bypassing or replacing the entire DNS resolver.
"All vulnerabilities deserve a public fear period prior to patches
--Jason Coombs on Bugtraq