Message-ID: <04Aug16.111945-0400_edt.312060-11915+3103@ams.ftl.affinity.com>
From: jonathan at xcorps.net (Jonathan Rickman)
Subject: Flaws security feature of SP2

> Exploiting this issue requires the ability to overwrite
> existing files which have a trusted or non-existent ZoneID.
> Right now there is no known way to achieve this in an attack
> mounted from the Internet.

Ok. So if I have the ability to do that, isn't it safe to say that I already
control the box?

> Vendor status
> -------------
> heise Security has notified Microsoft about both issues on
> August 12. Microsoft Security Response Center
> responded:
>
> "We have investigated your report, as we do with all reports,
> however in this case, we don't see these issues as being in
> conflict with the design goals of the new protections. We are
> always seeking improvements to our security protections and
> this discussion will certainly provide additional input into
> future security features and improvements, but at this time
> we do not see these as issues that we would develop patches
> or workarounds to address."

I'm inclined to agree with them. I see the potential for problems as you have
pointed out, but I guess I need a little help in understanding how this could
ever be more than a theoretical vulnerability. Could you perhaps elaborate and
maybe toss in a hypothetical situation or two to help me see what you're
driving at?

--
Jonathan