From: avivra (avivragmail.com)
Date: Fri Sep 14 2007 - 19:09:28 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Great overview, Todd!
I've just wanted to mention that MS downplayed the vulnerabilities I've
found in Vista's Sidebar gadgets.
In my blog post
(http://aviv.raffon.net/2007/08/16/VistaGadgetsGoneWild.aspx), I've
demonstrated a scenario where a worm can be propagated by exploiting the
vulnerability in the RSS feeds gadget.
I don't understand why Microsoft rated this vulnerability as important,
instead of critical.

--Aviv.

-----Original Message-----
From: Todd Manning [mailto:sflistdigitaloffense.net]
Sent: Thursday, September 13, 2007 8:47 PM
To: bugtraqsecurityfocus.com
Subject: Re: Next generation malware: Windows Vista's gadget API

On Sep 13, 2007, at 04:16 AM, Tim Brown wrote:

> A paper has just been released on the Windows Vista's gadget API. The
> abstract is as follows:
>
> Windows has had the ability to embed HTML into it's user interface
> for many
> years. Right back to and including Windows NT 4.0, it has been
> possible to
> embed HTML into the task bar, but the OS has always maintained a
> sandbox,
> from which the HTML has been unable to escape. All this changes
> with Windows
> Vista. This paper seeks to inform system administrators, users and the
> wider community on both potential attack vectors using gadgets and the
> mitigations provided by Windows Vista.
>
> The full paper can be found at http://www.portcullis-security.com/
> 165.php.
>

Good paper; Since this is out there I figure I'll forward the much
shorter article I wrote that details an attack against the contact
gadget, which was patched last month.

https://strikecenter.bpointsys.com/articles/2007/08/26/vista-gadget-
patches-in-ms07-048

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]