| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: exibar at thelair.com (Exibar) Subject: Immunity's paper? Does anyone have this paper that the quoted Microsoft PSS advisory mentions or a link to it? I'd love to give it a read... thanks all! Exibar The PSS Security team is issuing this alert to advise customers that on Saturday 9/13/03 a research company called Immunity published a paper providing guidance on how to exploit the vulnerabilities patched by Microsoft Security Bulletin MS03-039. To date we've had no reports of actual exploit code being publicly available or being used actively in a worm or virus. Customers that have applied the patch as advised in Microsoft Security Bulletin MS03-039 are protected from exploit code developed using the guidance provided in this paper. Customers who have not deployed the patch or taken additional mitigating actions to protect their environment should be aware that the existence of sample code does make it easier for an active exploit to be developed. We are therefore strongly urging customers to immediately deploy the patch in their environments and take additional mitigation steps, as described in the bulletin, to protect themselves. Information on Microsoft Security Bulletin MS03-039 and its associated patch, mitigating factors and workarounds can be found here: http://www.microsoft.com/technet/security/bulletin/ms03-039.asp PSS Security Team
Powered by blists - more mailing lists