Wednesday, June 15, 2005

Researchers Stymied By Microsoft Vulnerability

Gregg Keizer writes on TechWeb News:

Researchers on Wednesday were still dissecting one of the vulnerabilities patched by Microsoft Tuesday, and hadn't yet been able to "find the trick," said the head of one security firm's lab.

Mike Murray, the director of research at vulnerability management vendor nCircle, has had his entire team picking through the patch provided by Microsoft to fix a flaw in Windows' SMB (Server Message Block) protocol, and hasn't yet been able to find a way to exploit the vulnerability without going through authentication.

"It's incredible," said Murray. "We've found all the functions and the overflow, but we haven't been able to find the unauthenticated [attack] vector. We've found the authenticated vector, but as for the other, nope."

nCircle pulls apart disclosed vulnerabilities to create new methods of vulnerability detection, and in the short term, to provide guidance to its customers on the relative danger of flaws in applications and operating systems, including Windows.

0 Comments:

Post a Comment

<< Home