TDL4 malware sample exploits kernel

Discussion in 'malware problems & news' started by MrBrian, Mar 4, 2014.

Thread Status:
Not open for further replies.
  1. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    From http://labs.bromium.com/2013/10/22/the-latest-tdl4-and-cve-2013-3660-exploit-enhancements/ (October 22, 2013):
     
  2. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  3. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Terrible tech journalism here. Tavis Ormandy does *independent vulnerability research* but he always gets labeled " Google Researcher" so that they can click bait people.

    Trying to stir up drama when disclosure is handled like this all the time, and for good reasons - in this case Ormandy knows that MS is hostile towards researchers most of the time.

    Anyways, yeah, attackers like kernel vulns and this will continue.
     
  5. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,461
    What exactly is so awful about Microsoft's policies dealing with researchers that Ormandy would not even bother telling them first? I have difficulty buying his argument. And there is conflict of interest if he works for Google, no?

    That said, seven weeks is a long time to leave a hole like that unpatched, and I don't buy the bit about "no time to react" either. No way does MS not keep an eye on full disclosure sites.
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Lots of companies are terrible about disclosure, they act threatened and they will often threaten you back.

    There is no conflict of interest here. One guy works for a company, and did independent research (as he has done since before he worked for the company) about another company.
     
Loading...
Thread Status:
Not open for further replies.