The Active Network
  Adobe patches 7 issues, including Pwn2Own contest flaw and DNS rebinding issues
Time: 12:43 EST/17:43 GMT | News Source: ZDNet | Posted By: Jonathan Tigner

Adobe published an advisory covering issues, including a fix for the Pwn2Own flaw that we previously discussed here. Adobe’s details are published here. One of the issues that was patched was discovered by myself and fellow researcher (and co-worker at Ernst & Young’s Advanced Security Center) Rob Carter; see the picture to the right of Rob and me rollin’ with large stacks of Euros (not really, it was actually like 10 Euros, aka $10,000.00 with the way the dollar is these days) in Amsterdam during Black Hat Europe. The flaw we discovered is a DNS rebinding flaw that’s a bit unique. It takes advantage of some DNS canonicalization issues, and I really feel like it may be useful in other attack vectors as well. My good friend Rob has already posted the details on his “Farfromr00tin” blog, and the analysis is quite good, so I will paraphrase it here.

#1 By 2231 (72.5.151.4) at 4/10/2008 2:46:39 PM
Can somebody explain why Adobe installs the Flash dll under the system32 folder? What makes installing under \Program Files unacceptable?

What is the logic for any app putting files under \windows?

#2 By 2960 (72.196.195.185) at 4/10/2008 2:58:19 PM
I agree.

I think ALL program contents should be stored under that actual program's folder.

Like the Mac does :)

Well, in most cases. The usual suspects try to screw that up too.

TL

#3 By 2332 (66.92.78.241) at 4/10/2008 4:50:41 PM
I blogged about this extensively here: http://www.robertdowney.com/2008/03/pwn-to-own-mac-os-vs-vista-vs-ubuntu.html

I'll probably update the post to reflect the latest and greatest info (the use of Java, the patch, etc.).

I don't mean this to be blog spam... just thought it would be interesting for ActiveWin readers.

#4 By 82766 (202.154.80.82) at 4/10/2008 5:27:16 PM
No programs should store any of their files in \windows or lower! This has been a bug-bear of Microsoft's for quite some time!

They finally "forced" the change with Vista which is just another one of those often overlooked features :)

So many programs install various dll's into system32; it's appalling programming!!

RMD - just read your post... you're missing quite a bit of info about the 'rules of the competition'.

From memory (I don't have the time to find the comp's website again):
day 1 - default and patched config, no 3rd party programs
day 2 - limited season; any 3rd party program is allowed to be installed
day 3 - open season; anything goes

I could be quite wrong with this but I remember following the comp on a daily basis (it's nice to wake up to new northern hemisphere news :) and I'm pretty sure that's how the comp was run.

Thus as Safari fell on the first day, that's a core Safari issue. Vista fell on the second day but only due to the Flash security flaw. While the group that got the Linux box weren't prepared to hack it... (which I actually find funny!)

This post was edited by MyBlueRex on Thursday, April 10, 2008 at 18:22.

#5 By 92283 (64.180.201.131) at 4/10/2008 5:33:31 PM
#3 From your blog:

" A commenter on Slashdot suggests that Flash actually subverts Protected Mode by using its own brokering process. "

I'm pretty sure the brokering process is flashutil9e.exe (where 9e is the version of flash).

I just added that exe to the unwanted programs list of McAfee and it runs no more. Flash still works though.




#6 By 2332 (66.92.78.241) at 4/11/2008 10:54:08 AM
MyBlueRex - First, I link to their web site where they state the rules.

Second, my post wasn't intended to repeat what the rules were, only to familiarize people with the general idea.

Third, I believe that 3rd party apps were installed from day 1, but it was only on day two that interactive users on the machine started using those applications.

Lastly, what, exactly, does "anything goes" mean? I can e-mail a user on the machine and tell them to run a program as admin?

#7 By 82766 (122.107.17.90) at 4/12/2008 3:46:21 AM
(second attempt at posting this reply... grrrrr... so this is a quick reply)

RMD - a repeat of the rules is not needed, but maybe just a summary of the 'day' rules would have clarified quite a lot? So many people don't bother going to another link :(

I was basically right with the three days I listed.

Day 1 - external attacks only (no physical access or control of the PC)
Day 2 - The attack surface increases to also include any default installed client-side applications which can be exploited by following a link through email, vendor supplied IM client or visiting a malicious website
Day 3 - will finally add some popular 3rd party client applications to the scope. That list will be made available at CanSecWest

Of course, this begs the question, how does CanSecWest consider Flash to be a "default installed client-side app"?? Microsoft do not supply it with Vista at all. Anyhoo, been and done.

If they had only allowed flash on the 3rd day (as I personally feel they should have), then Vista would have only fallen in the 3rd day. Of course, it doesn't really matter in the big picture :) (but rules are rules IMHO)

We also have to remember that this was for unpublished 0-day vulns and once one method was used, it was not allowed to be used for another OS. Even if the Flash method probably would have worked for all three :)

I'd still like to see someone run a "real life" attack comp though!! hehe! that'd be interesting! I suspect all three OS would be hacked within 30 seconds!!

Oh and yes, "anything goes" does basically mean that as per day 3 rules; using a 3rd party app that CanSecWest allowed of course.

This post was edited by MyBlueRex on Saturday, April 12, 2008 at 03:46.

