On Monday 17 September 2007 13:26:36 Roger A. Grimes wrote: > I'm sorry, we'll have to agree to disagree. I don't see the new attack > vector here. I, the attacker, have to make you download my malicious > trojan program, which you install on your computer.
Irrespective of the rest of what Roger says (which I agree with FTR), this bit is simply wrong. Look at the PoC that has been made public: https://strikecenter.bpointsys.com/articles/2007/08/26/vista-gadget-patches-in-ms07-048 It's not (just) about downloading malware gadgets. It's about exploiting vulnerabilities *in* gadgets (the default gadgets in Vista, in the case of the PoC). Essentially anywhere a gadget calls for example eval() on untrusted data you *may* have a a problem. Tim -- Tim Brown <mailto:[EMAIL PROTECTED]> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
