点饭的百度空间
银牌会员
积分 2315
发帖 2236
注册 2007-11-30
|
#1 [Azy]0day Windows内核任意地址写入漏洞,百度被微软爆公布内核0DAY
2009-06-11 02:20
for XP, 程序限制了只能写一次,demo:
testapp.rar:
hXXp://www.brsbox.com/filebox/down/fc/a77089716f3bb15bcc2aa20256c0fc05
Latest Baidu public posting requires Adminisrator to elevate
Last night we noticed a Windows XP kernel 0day claim in win32k!NtUserConsoleControl posted on baidu.com.
We took a quick look and found that the issue requires administrator privileges to execute. We are still investigating, looking for any chance of privilege escalation but so far it looks like a reliability issue, not a security vulnerability.
And remember, the Administrator to SYSTEM “escalation” is not a security boundary we defend – it is impossible to defend Windows from an administrator armed with a malicious EXE. In the end, you’ve got to trust your administrators. (see Immutable Law of Security #6)
Just wanted to write a quick note to prevent you all from worrying about this one.
- Jonathan Ness, MSRC Engineering
*Posting is provided "AS IS" with no warranties, and confers no rights.*
Published Thursday, June 11, 2009 1:17 PM by swiblog
Filed under: win32k.sys, exploitability, risk assessment
http://blogs.technet.com/srd/arc ... tor-to-elevate.aspx
| |
※ ※ ※ 本文纯属【点饭的百度空间】个人意见,与【 微点交流论坛 】立场无关※ ※ ※
|
你的微笑 is 微点的骄傲!
http://hi.baidu.com/new/micropoint |
|
|
