While I am sure MS is now trembling at the disclosure of such a high impact bug, I am wondering why you chose core-security.net as your domain when core security (.com) is already known as a leading security company with a good name?
On Fri, Mar 14, 2008 at 2:49 PM, SkyOut <[EMAIL PROTECTED]> wrote: > Dear list, > > after weeks of total ignorance by Microsoft I decided to finally release > all information > related to a bug, that has to do with the Windows XP SP2 Taskmanager. > Manipulating > a Registry key makes it possible to disable the Taskmgr. On the next > startup it will crash with > an error message. It is possible to backup the key and repair the Registry > doing so, but > the attack scenario is clear: A virus uses this code, the user can't open > the Taskmgr anymore > and your process is somehow "hidden". > > The full information about this bug, can be found here: > http://core-security.net/archive/2008/march/index.php#14032008 > > And the exploit is available here: > http://core-security.net/releases/exploits/taskmgr_dos.c.txt > > Greets, > SkyOut > > --- > core-security.net > --- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
