On Monday 17 September 2007 13:26:36 Roger A. Grimes wrote:
> I'm sorry, we'll have to agree to disagree. I don't see the new attack
> vector here. I, the attacker, have to make you download my malicious
> trojan program, which you install on your computer.
Irrespective of the rest of what Roger says (which I agree with FTR), this bit
is simply wrong. Look at the PoC that has been made public:
https://strikecenter.bpointsys.com/articles/2007/08/26/vista-gadget-patches-in-ms07-048
It's not (just) about downloading malware gadgets. It's about exploiting
vulnerabilities *in* gadgets (the default gadgets in Vista, in the case of
the PoC). Essentially anywhere a gadget calls for example eval() on
untrusted data you *may* have a problem.
Tim
--
Tim Brown
<mailto:tmb_at_65535.com>
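The eval()-on-untrusted-data pattern Tim describes, as an added illustration that is not part of the original post and not code from any shipped Vista gadget: a sidebar-style gadget parses a fetched feed with the classic `eval('(' + text + ')')` idiom, so whoever controls the feed (the server, or anyone in the path) runs script in the gadget's context. The feed strings, the `execute()` stand-in for a host API such as a shell launcher, and the hardened parser are all constructed for this example.

```javascript
// Added example (not from the original e-mail or from any Windows gadget):
// a gadget that renders item titles from a remote feed it does not control.

// Stand-in for a privileged host API (e.g. a shell-execute call). In a
// real gadget reaching this from feed content is the whole attack.
const host = { commandsRun: [] };
function execute(cmd) {
  host.commandsRun.push(cmd);
}

// Vulnerable parser: the pre-JSON.parse idiom. eval() executes whatever
// the feed server sent, with access to this scope (including execute()).
function parseFeedVulnerable(feedText) {
  return eval('(' + feedText + ')');
}

// Hardened parser: JSON.parse never evaluates code. Malformed input is
// rejected, and the result is validated and coerced before use, so a
// syntactically valid feed with unexpected types is also dropped.
function parseFeedHardened(feedText) {
  let data;
  try {
    data = JSON.parse(feedText);
  } catch (e) {
    return []; // not JSON: treat as hostile, render nothing
  }
  if (!data || !Array.isArray(data.items)) return [];
  return data.items
    .filter((it) => it && typeof it.title === 'string')
    .map((it) => ({ title: it.title.slice(0, 200) }));
}

// Render titles as plain text (in a DOM, textContent rather than
// innerHTML), so feed content is never interpreted as markup either.
function renderTitles(items) {
  return items.map((it) => it.title).join('\n');
}

// Constructed feeds: one benign, one carrying script in a value position,
// one that is valid JSON but smuggles a non-string title.
const benignFeed = '{"items":[{"title":"Patch Tuesday"}]}';
const maliciousFeed =
  '{"items":[{"title":"x"}],' +
  ' "p": (function(){ execute("cmd.exe /c calc"); return 1; })()}';
const wrongTypeFeed = '{"items":[{"title":{"toString":"ignored"}}]}';

// Runs both parsers over the feeds and reports what happened.
function demo() {
  host.commandsRun.length = 0;
  const vulnBenign = renderTitles(parseFeedVulnerable(benignFeed).items);
  parseFeedVulnerable(maliciousFeed);
  const vulnRanAttackerCode = host.commandsRun.length;

  host.commandsRun.length = 0;
  const hardenedMalicious = parseFeedHardened(maliciousFeed);
  const hardenedRanAttackerCode = host.commandsRun.length;
  const hardenedWrongType = parseFeedHardened(wrongTypeFeed);
  const hardenedBenign = renderTitles(parseFeedHardened(benignFeed));

  return {
    vulnBenign,
    vulnRanAttackerCode,
    hardenedMalicious,
    hardenedRanAttackerCode,
    hardenedWrongType,
    hardenedBenign,
  };
}

console.log(demo());
```

Both parsers handle the benign feed identically; the difference only shows on hostile input, which is exactly why the pattern survives in default gadgets until someone feeds them something unexpected.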
Received on Sep 18 2007