[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Microsoft's Binary Planting Clean-Up Mission

To: <bugtraq@xxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>, <cert@xxxxxxxx>, <si-cert@xxxxxxxx>
Subject: Microsoft's Binary Planting Clean-Up Mission
From: "ACROS Security Lists" <lists@xxxxxxxx>
Date: Thu, 15 Sep 2011 12:05:09 +0200

Our new blog post describes some recent changes Microsoft introduced to fight 
against
binary planting exploits. The most recent change was the removal of a 
vulnerable COM
server on Windows XP which we used in our proof of concept at Hack In The Box
Amsterdam in May.

Read the post to find out what else is hiding in the "COM server binary 
planting"
closet and what to do to get our PoC back to life.

http://blog.acrossecurity.com/2011/09/microsofts-binary-planting-clean-up.html

or

http://bit.ly/qWyKph

Enjoy the reading!


Mitja Kolsek
CEO&CTO

ACROS, d.o.o.
Makedonska ulica 113
SI - 2000 Maribor, Slovenia
tel: +386 2 3000 280
fax: +386 2 3000 282
web: http://www.acrossecurity.com
blg: http://blog.acrossecurity.com

ACROS Security: Finding Your Digital Vulnerabilities Before Others Do

Follow-Ups:
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
  - From: Thor \(Hammer of God\)

Prev by Date: XEE vulnerabilities in SharePoint (MS11-074) and DotNetNuke
Next by Date: [Onapsis Security Advisory 2011-014] SAP WebAS Remote Denial of Service
Previous by thread: XEE vulnerabilities in SharePoint (MS11-074) and DotNetNuke
Next by thread: RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
Index(es):
- Date
- Thread