Webmaster rambling and mental notes
Microsoft's Urgent Patch Precedes Black Hat Session
7/29/2009

Julie188 writes "Mystery solved! Microsoft's latest compulsion out-of-band patch was weird beyond belief. A notice was sent to journalists and researchers late Friday evening that the patch was coming Tuesday, but Microsoft refused to explain the flaw and even put a cone of silence around researchers who would have variously talked about it. But finally, one experimenter broke ranks and explained that the patch was caused by a flaw introduced in Microsoft's own growth tools. This flaw was also the source of the danger ActiveX patch, which took about 18 months to carry out and which supposedly fixed the problem by turning off ActiveX (setting a 'killbit' on the control). Researchers at Black Hat on Wednesday will be demonstrating how to override the killbit controls and get access to vulnerabilities supposedly stopped with a killbit. What's really scary is that Microsoft has issued 175 killbits fixes so far."

Read more of this story at Slashdot.





Mark

(Posted in Nerd)