Network Security: Detailed info on Re: [Full-disclosure] Next generation malware: Windows Vista's gadget AP

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Web-App-Sec

[Top] [All Lists]

Re: [Full-disclosure] Next generation malware: Windows Vista's gadget AP

from [Tim Brown] Network Security

[Permanent Link]

Subject:	Re: [Full-disclosure] Next generation malware: Windows Vista's gadget API
Date:	Mon, 17 Sep 2007 13:43:35 +0100

On Monday 17 September 2007 13:26:36 Roger A. Grimes wrote:

I'm sorry, we'll have to agree to disagree. I don't see the new attack
vector here. I, the attacker, have to make you download my malicious
trojan program, which you install on your computer.


Irrespective of the rest of what Roger says (which I agree with FTR), this bit 
is simply wrong.  Look at the PoC that has been made public:

https://strikecenter.bpointsys.com/articles/2007/08/26/vista-gadget-patches-in-ms07-048

It's not (just) about downloading malware gadgets.  It's about exploiting 
vulnerabilities *in* gadgets (the default gadgets in Vista, in the case of 
the PoC).  Essentially anywhere a gadget calls for example eval() on 
untrusted data you *may* have a a problem.

Tim
-- 
Tim Brown
<mailto:tmb@65535.com>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-disclosure] Next generation malware: Windows Vista's gadget API, Tim Brown RE: Next generation malware: Windows Vista's gadget API, Roger A. Grimes RE: Next generation malware: Windows Vista's gadget API, Peter Gutmann Re: [Full-disclosure] Next generation malware: Windows Vista's gadget API, Thierry Zoller Re: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API, Peter Gutmann RE: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API, Roger A. Grimes Re: [Full-disclosure] Next generation malware: Windows Vista's gadget API, Tim Brown <= RE: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API, Peter Gutmann RE: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API, Ed Patterson Re: [Full-disclosure] Next generation malware: Windows Vista's gadget API, Eric Chien

Previous by Date:	Re: [Full-disclosure] Next generation malware: Windows Vista's gadget API, Thierry Zoller
Next by Date:	Re: [Full-disclosure] Next generation malware: Windows Vista's gadget API, Eric Chien
Previous by Thread:	RE: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API, Roger A. Grimes
Next by Thread:	RE: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API, Peter Gutmann
Indexes:	[Date] [Thread] [Top] [All Lists]