[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission

To: "security@xxxxxxxxxxxxxxxxx" <security@xxxxxxxxxxxxxxxxx>, "bugtraq@xxxxxxxxxxxxxxxxx" <bugtraq@xxxxxxxxxxxxxxxxx>, "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>, "cert@xxxxxxxx" <cert@xxxxxxxx>, "si-cert@xxxxxxxx" <si-cert@xxxxxxxx>
Subject: RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
From: "Thor \(Hammer of God\)" <thor@xxxxxxxxxxxxxxx>
Date: Thu, 15 Sep 2011 16:11:03 +0000

From your blog:

"While we know there's still a lot of cleaning up to do in their binary 
planting closet, our research-oriented minds remain challenged to find new ways 
of exploiting these critical bugs and bypassing new and old countermeasures. In 
the end, it was our research that got the ball rolling and it would be a missed 
opportunity for everyone's security if we didn't leverage the current momentum 
and keep researching. "

I would change that around a bit.  I would say "our self-serving and 
marketing-oriented minds remain challenged to understand what security really 
is, but regardless, continue to find ways of trying to convince people this 
represents an actual security threat. In the end, it was our research that 
falsely created security concerns and confusion where time was better spent 
really doing just about anything else, but it would have been a missed 
opportunity to get our names in the media to sell our security services." 

 t

>-----Original Message-----
>From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx [mailto:full-disclosure-
>bounces@xxxxxxxxxxxxxxxxx] On Behalf Of ACROS Security Lists
>Sent: Thursday, September 15, 2011 3:05 AM
>To: bugtraq@xxxxxxxxxxxxxxxxx; full-disclosure@xxxxxxxxxxxxxxxxx;
>cert@xxxxxxxx; si-cert@xxxxxxxx
>Subject: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
>
>
>Our new blog post describes some recent changes Microsoft introduced to
>fight against binary planting exploits. The most recent change was the removal
>of a vulnerable COM server on Windows XP which we used in our proof of
>concept at Hack In The Box Amsterdam in May.
>
>Read the post to find out what else is hiding in the "COM server binary
>planting"
>closet and what to do to get our PoC back to life.
>
>http://blog.acrossecurity.com/2011/09/microsofts-binary-planting-clean-
>up.html
>
>or
>
>http://bit.ly/qWyKph
>
>Enjoy the reading!
>
>
>Mitja Kolsek
>CEO&CTO
>
>ACROS, d.o.o.
>Makedonska ulica 113
>SI - 2000 Maribor, Slovenia
>tel: +386 2 3000 280
>fax: +386 2 3000 282
>web: http://www.acrossecurity.com
>blg: http://blog.acrossecurity.com
>
>ACROS Security: Finding Your Digital Vulnerabilities Before Others Do
>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
  - From: ACROS Security Lists

References:
- Microsoft's Binary Planting Clean-Up Mission
  - From: ACROS Security Lists

Prev by Date: [Onapsis Security Advisory 2011-016] SAP WebAS Malicious SAP Shortcut Generation
Next by Date: RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
Previous by thread: Microsoft's Binary Planting Clean-Up Mission
Next by thread: RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission
Index(es):
- Date
- Thread