[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4612FF1F.5050903@pacbell.net>
Date: Tue, 03 Apr 2007 18:27:59 -0700
From: "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@...bell.net>
To: Jason Frisvold <xenophage0@...il.com>
Cc: stefan.kelm@...orvo.de, bugtraq@...urityfocus.com,
full-disclosure@...ts.grok.org.uk
Subject: Re: More information on ZERT patch for ANI 0day
And there's a patch for that Realtek already to go on the download
site. (read the caveat section). So far all I've seen/heard is that one.
This is patching 7 graphics items not just the one. ...that's 6 more
things the folks that throw at me from those Metasploit modules ;-)
Jason Frisvold wrote:
> On 4/3/07, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
> <sbradcpa@...bell.net> wrote:
>> the community need that they are reacting to. Gadi and the crew work
>> hard and have my respect for their efforts.
>
> Agreed. Previous patches worked as advertised with no adverse side
> effects here.
>
>> If you are willing to evaluate the eEye patch, Zert's should be higher
>> on your list as well since reportedly it works better than eEye's.
>
> eEye's patch only protects from attacks outside of %systemroot%. If
> an attacker can place a vulnerable file within %systemroot%, all bets
> are off.
>
> ZERT's patch, on the other hand, protects regardless of where the file
> is located. It specifically prevents the stack overflow condition by
> blocking chunks larger than 36 bytes from being copied.
>
>> Regardless it's a moot point. The real patch is out.
>> Install that one. It's on Windows update now.
>
> ISC is reporting problems with the Microsoft patch. A problem with
> the Realtek HD Audio Control Panel has been confirmed and patched by
> Microsoft. Other problems have been reported but no additional
> information on them has been released at this point.,
>
Powered by blists - more mailing lists