lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <007601c53eca$7fc8d030$500a0e0a@pc1221>
Date: Mon Apr 11 20:13:31 2005
From: mnv at alumni.princeton.edu (MN Vasquez)
Subject: Oddness with the MS antispyware beta

No, it's not present via Alt Tab.  It's not in Task Mgrs application list, 
or on the task bar. it may be on the processes list, but I have not yet 
investigated it further.

I googled all the "button" names, but it yielded nada.


----- Original Message ----- 
From: "Paul Kurczaba" <seclists@...urinews.com>
To: "MN Vasquez" <mnv@...mni.princeton.edu>
Cc: <full-disclosure@...ts.grok.org.uk>
Sent: Monday, April 11, 2005 11:15 AM
Subject: Re: [Full-disclosure] Oddness with the MS antispyware beta


> If you hold down "alt" + "tab", does the hidden windows name and icon 
> appear on the list?
>
> MN Vasquez wrote:
>> I don't know if this is programming technique is "common", but I've not 
>> seen it before.  I'm running the MS antispyware beta 1 on Windows XP sp2. 
>> I hooked up a 2nd monitor to my laptop.  I set the resolution to 
>> 1600x1200, and the monitor position in relation to the primary, is to the 
>> left.  Align the bottom screens.  You can use a different resolution, I 
>> imagine, if you offset the positions of the monitors.
>>  On the 2nd monitor I found a program window "hiding".  Basically, in a 
>> very odd position -- on a typically non-displayed portion of the desktop, 
>> which I only found by configuring multiple monitors.  It seems the 
>> programmers are "hiding" a window, which I have attached as a jpg.  For 
>> those that don't want to open an attachment:
>>  there are 5 buttons: systrayhide, systrayshow, systraynormal, 
>> systrascanning, systrayupdating.
>>  The window title is gcasDtServHolder
>>  Clicking the buttons modifies the tooltip associated with the system 
>> tray icon.  I can hide/show the systray icon.  The status of the icon 
>> also changes from Active to Running when Normal is selected, and I then 
>> click either the Scanning or Updating button.
>>  Closing the window removes the system tray icon and apparently closes 
>> the program.
>>  I do not know if this possibly leads to a vulnerability or not.
>>  Mike
>>
>> ------------------------------------------------------------------------
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ