MS Advisories Giving Clues To Hackers

Posted on April 17th, 2007 by Jason

How’s this for a new twist on the old responsible disclosure debate: Hackers are taking advantage of information released in Microsoft’s pre-patch security advisories to create exploits for zero-day vulnerabilities.

The latest zero-day flaw in the Windows DNS Server RPC interface implementation is a perfect example of the tug-o-war within the MSRC (Microsoft Security Response Center) about how much information should be included in the pre-patch advisory.

Using clues in the workarounds section of the advisory, Errata Security researcher David Maynor said he was able to pinpoint the source of the vulnerability without much trouble. “It took about an hour from setup to shell on Windows 2000,” Maynor said in an interview. “On Windows 2000, there are only five functions accessible over RPC. You combine that with their [Microsoft's] description of it being a stack overflow, it narrows the time to find down greatly.”

“This is such an easy bug; most of the people I talked to already had it figured out as well,” Maynor added.
