lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: jonathan at (Jonathan Rickman)
Subject: Flaws security feature of SP2

> Exploiting this issue requires the ability to overwrite 
> existing files wich have a trusted or non-existant ZoneID. 
> Right now there is no known way to achieve this in an attack 
> mounted from the Internet.

Ok. So if I have the ability to do that, isn't it safe to say that I already
control the box?

> Vendor status
> -------------
> heise Security has notified Microsoft about both issues on 
> August 12. Microsoft Security Response Center
> responded:
> "We have investigated your report, as we do with all reports, 
> however in this case, we don't see these issues as being in 
> conflict with the design goals of the new protections. We are 
> always seeking improvements to our security protections and 
> this discussion will certainly provide additional input into 
> future security features and improvements, but at this time 
> we do not see these as issues that we would develop patches 
> or workarounds to address."

I'm inclined to agree with them. I see the potential for problems as you
have pointed out, but I guess I need a little help in understanding how this
could ever be more than a theoretical vulnerability. Could you perhaps
elaborate and maybe toss in a hypothetical situation or two to help me see
what you're driving at?


Powered by blists - more mailing lists