Network Managing, Engineering and Administration with an eye toward security.
Best practices meets the real world!
Friday, May 30, 2003 Mark Maiffret has some choice words on the BugTraq mailing list for this Microsoft Patch: Extension for Windows Media Services could cause Denial of Service.
"Microsoft is wrong and misleading customers in this advisory. This Windows Media Service vulnerability is exploitable, as confirmed in the labs at eEye, and by the discoverer of this vulnerability, Brett Moore.
I am not sure why Microsoft misidentified this vulnerability... maybe it is just a typo, maybe its a lack of technical know-how. Either way they need to re-release this advisory so that the correct information is given to customers.
There is a big difference in telling customers 'Ahh its a denial of service, and your web server will automatically restart' compared to the reality of the situation 'If your running Windows Media Services on IIS, attackers can spawn a remote shell 'command prompt' on your vulnerable system.'
Brett Moore, the researcher that discovered this flaw, is going to be releasing an advisory soon with more details on the how and why.
Not sure how you can have 'Trust'worthy Computing when your misinforming customers on a regular basis or releasing patches that disable their Internet access. :-o
For those technically inclined... supposedly MS thinks controlling ecx and eax on a mov [ecx],eax is not exploitable, just a DoS. hah
Chief Hacking Officer
eEye Digital Security
posted by David | 5/30/2003 09:47:00 AM