Google researcher publishes Windows 0-day exploit
Posted on 06 June 2013.
Less than two weeks after Google researcher Tavis Ormandy released information about a new Windows zero-day vulnerability on the Full Disclosure mailing list and asked for help in creating an exploit, he has returned with one and added that there is another one already in circulation.

According to The H and their associates at heise Security, the exploit works.

"If the file is opened, it launches a command line which can be used to run arbitrary commands with system privileges, irrespective of the user's own privileges – even a guest account can be used," they confirmed.

Microsoft will now have to scramble to push out a patch for the flaw or at least instructions on how to mitigate the risk. Still, the good news is that the exploit code can only be used by attackers that have physical access to the target machine.

Ormandy is known for his quality research work, but also for his preference for "full disclosure" of vulnerabilities. He has been criticized for it in the past, but the criticism obviously didn't change his mind on the matter, and his employer seems not to have a problem with it.

In fact, Google has recently stated that they were supportive of their researchers "setting an aggressive disclosure deadline where there exists evidence that blackhats already have knowledge of a given bug," and that they consider 7 days to be enough for vendors to at least come up with some mitigations, such as temporarily disabling a service or restricting access.

