Dailydave mailing list archives

Fonts of fun


From: Dave Aitel <dave () immunityinc com>
Date: Wed, 11 Jan 2006 08:19:20 -0500

I'm not sure why Font means both "a source of something" and "the way
letters look" in English. Personally, I think people are making the
EOT bug sound harder than it is. I guess the lesson is: Buy BinNavi,
stop whinging about da bugs. Piotr Bania basically gave the entire bug
up blow by blow in his half-finished advisory
(http://www.piotrbania.com/all/adv/MS06-002-adv.txt). Which reminds me...

eEye's newsletter today said this about it:

"Details of this flaw were first released today in conjunction with
the Microsoft patch and within minutes, other researchers had reverse
engineered the Microsoft patch and shared the details online, which
means that this flaw may very well be used in an attack.  The attack
vector of this flaw is similar to the WMF flaw, in that a user must
visit a malicious website containing the malicious font file."

I'm fairly sure this is someone on the marketing team trying to put a
bit of spin on it. It's clear that Piotr did not "reverse engineer the
patch". He'd obviously had the bug for some time. It's always funny
when people play the "Who had it first" game. Because if you are the
kind of person who gave the bug up - you were not first.

- -dave

