Bugtraq mailing list archives
Re: [Full-disclosure] Next generation malware: Windows Vista's gadget API
From: Tim Brown <tmb () 65535 com>
Date: Mon, 17 Sep 2007 13:43:35 +0100
On Monday 17 September 2007 13:26:36 Roger A. Grimes wrote:
I'm sorry, we'll have to agree to disagree. I don't see the new attack vector here. I, the attacker, have to make you download my malicious trojan program, which you install on your computer.
Irrespective of the rest of what Roger says (which I agree with FTR), this bit is simply wrong. Look at the PoC that has been made public: https://strikecenter.bpointsys.com/articles/2007/08/26/vista-gadget-patches-in-ms07-048 It's not (just) about downloading malware gadgets. It's about exploiting vulnerabilities *in* gadgets (the default gadgets in Vista, in the case of the PoC). Essentially anywhere a gadget calls for example eval() on untrusted data you *may* have a a problem. Tim -- Tim Brown <mailto:tmb () 65535 com>
Current thread:
- Re: Next generation malware: Windows Vista's gadget API, (continued)
- Re: Next generation malware: Windows Vista's gadget API Todd Manning (Sep 13)
- RE: Next generation malware: Windows Vista's gadget API avivra (Sep 17)
- RE: Next generation malware: Windows Vista's gadget API Roger A. Grimes (Sep 14)
- RE: Next generation malware: Windows Vista's gadget API Peter Gutmann (Sep 17)
- Re: Next generation malware: Windows Vista's gadget API Tim Brown (Sep 17)
- Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API Thierry Zoller (Sep 17)
- Re: [Full-disclosure] Next generation malware: Windows Vista's gadget API Tim Brown (Sep 17)
- RE: [Full-disclosure] Next generation malware: Windows Vista's gadget API Strykar (Sep 19)
- Re: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API Peter Gutmann (Sep 17)
- RE: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API Roger A. Grimes (Sep 17)
- Re: [Full-disclosure] Next generation malware: Windows Vista's gadget API Tim Brown (Sep 17)
- RE: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API Peter Gutmann (Sep 18)
- RE: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API Ed Patterson (Sep 18)
- RE: Next generation malware: Windows Vista's gadget API Peter Gutmann (Sep 17)
- Re: Next generation malware: Windows Vista's gadget API Todd Manning (Sep 13)