Re: [Full-disclosure] More information on ZERT patch for ANI 0day

["Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@xxxxxxxxxxx>]

And there's a patch for that Realtek already to go on the download 
site.  (read the caveat section).  So far all I've seen/heard is that one.

This is patching 7 graphics items not just the one. ...that's 6 more 
things the folks that throw at me from those Metasploit modules ;-)

Jason Frisvold wrote:
> On 4/3/07, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
> <sbradcpa@xxxxxxxxxxx> wrote:
>> the community need that they are reacting to.  Gadi and the crew work
>> hard and have my respect for their efforts.
>
> Agreed.  Previous patches worked as advertised with no adverse side
> effects here.
>
>> If you are willing to evaluate the eEye patch, Zert's should be higher
>> on your list as well since reportedly it works better than eEye's.
>
> eEye's patch only protects from attacks outside of %systemroot%.  If
> an attacker can place a vulnerable file within %systemroot%, all bets
> are off.
>
> ZERT's patch, on the other hand, protects regardless of where the file
> is located.  It specifically prevents the stack overflow condition by
> blocking chunks larger than 36 bytes from being copied.
>
>> Regardless it's a moot point.  The real patch is out.
>> Install that one.  It's on Windows update now.
>
> ISC is reporting problems with the Microsoft patch.  A problem with
> the Realtek HD Audio Control Panel has been confirmed and patched by
> Microsoft.  Other problems have been reported but no additional
> information on them has been released at this point.,
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/