[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FD] Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe
- To: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
- Subject: Re: [FD] Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe
- From: Michal Zalewski <lcamtuf@xxxxxxxxxxx>
- Date: Wed, 21 May 2014 11:12:37 -0700
> the existence of "C:\Program.exe" must not have any bad affect
> for any random installer not intending to execute this
Sounds like a good goal. The installer probably also shouldn't play
obscene messages via PC speaker. If it did, it would be undesirable
and probably considered a bug.
Now, in practical terms... in absence of a plausible risk / attack
vector, it doesn't sound like much of a security issue (unless you
adopt the approach advocated on the predecessor of this list by Mr.
Lemonias).
/mz
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/