nil.enroll(aetheric_username, quantum_class_id) (adric) wrote,

New Flash NULL pointer exploit causes security wizards to swoon

A fun tidbit, by the post's author (Thomas Ptacek), from the Matasano thread:
That’s awesome. Every programmer can also just not cram 200 bytes into buffers that are only big enough for 100. No need to change the C libraries. Bad programming? Use good programming. It’s so simple! How could we not have seen it!

His Matasano post is here and he links to the original paper, which I'm pretty sure _I_ wouldn't understand, so good luck.

The superstar in question, X-Force's Mark Dowd, found a twisty path past many traps intended to protect the Flash plugin and your computer's integrity and came up with a way to inject arbitrary code into the host computer from a Flash widget/movie (this is definitely not supposed to happen). That would be awesome (and terrible, yes) enough, but he did it with style and creativity that impressed his peers ... and will inspire lesser individuals to use his knowledge for petty evil. Oh, and yeah, it cuts right across the best stuff Vista has, from most people's reading. More testing will confirm. In the meantime, once again, leaving Flash enabled means any website you visit could accidentally or intentionally be hosting one of these little charmers which can take over your computer. Just like a malicious ActiveX control, JPEG file, or Java applet could, for given weeks in the recent history of the web, etc. etc.

The specific vulnerability will be patched (hopefully quickly), the class of bug will remain, and stupid people will still be allowed to program... Computer programming is a young discipline and its security younger still, which is why it's so fun and exciting. Good thing no one relies on any of these prototypes for anything important. Right?

Edits: The posts are piling up on Matasano after this one, so maybe this broke through his writer's block. And I forgot to say congrats to Mr Dowd: Way to go, man!

Tags: bug
