PostHole
Compose Login
You are browsing eu.zone1 in read-only mode. Log in to participate.
rss-bridge 2008-06-12T10:29:27+00:00

Carpet Bombing and eating Crow…

The recent Safari Carpet Bombing bug reported by Nitesh Dhanjani and ignored by Apple had all the makings of an egg-on-face incident. We were discussing it over foosball, and the obvious consensus was “if a line starts with: “thats not exploitable, its only..” then odds are you are wrong..”
But.. lots of people quicker and smarter than me [1, 2, 3] blogged (or twittered) about why this was a silly approach for apple to take..

The recent Safari Carpet Bombing bug reported by Nitesh Dhanjani and ignored by Apple had all the makings of an egg-on-face incident. We were discussing it over foosball, and the obvious consensus was “if a line starts with: “thats not exploitable, its only..” then odds are you are wrong..”

But.. lots of people quicker and smarter than me 1, 2, 3] blogged ([or twittered) about why this was a silly approach for apple to take..

Interestingly.. Microsoft bloggers were quick to pounce on this PR-Fiasco in the making. Microsoft released a security advisory commenting on the danger of a “blended threat” – Now.. by accident (or by design) that advisory looks a lot like – “This is an Apple screwup!”, indeed one of the solutions is: “Restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple.”

The advisory (now) also credits “Aviv Raff” for his report. LiuDieYu0

filled in the details, pointing to Avivs 2006 Finding, which is a pure DLL search order bug (which incidentally was published as an IE7 bug). So now the Microsoft folks who were sneering at Safari all end up shuffling their feet a little while looking at the floor. All credit to RHensing from Microsoft, who quickly awarded Microsoft the FAIL open goat award too.. ouch

Like sands through the hourglass…

Original source

Reply