Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpapacbell.net)
Date: Tue Apr 03 2007 - 20:27:59 CDT
And there's a patch for that Realtek already to go on the download
site. (read the caveat section). So far all I've seen/heard is that one.
This is patching 7 graphics items not just the one. ...that's 6 more
things the folks that throw at me from those Metasploit modules ;-)
Jason Frisvold wrote:
> On 4/3/07, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
> <sbradcpapacbell.net> wrote:
>> the community need that they are reacting to. Gadi and the crew work
>> hard and have my respect for their efforts.
> Agreed. Previous patches worked as advertised with no adverse side
> effects here.
>> If you are willing to evaluate the eEye patch, Zert's should be higher
>> on your list as well since reportedly it works better than eEye's.
> eEye's patch only protects from attacks outside of %systemroot%. If
> an attacker can place a vulnerable file within %systemroot%, all bets
> are off.
> ZERT's patch, on the other hand, protects regardless of where the file
> is located. It specifically prevents the stack overflow condition by
> blocking chunks larger than 36 bytes from being copied.
>> Regardless it's a moot point. The real patch is out.
>> Install that one. It's on Windows update now.
> ISC is reporting problems with the Microsoft patch. A problem with
> the Realtek HD Audio Control Panel has been confirmed and patched by
> Microsoft. Other problems have been reported but no additional
> information on them has been released at this point.,