• Home
  • Now
  • RSS

HPSHELTON

Programming, Privacy, Politics, Photography

May 12, 2012

MS12-034: Duqu, Ten CVE's, and Removing Keyboard Layout File Attack Surface →

The Office document attack vector leveraged by the Duqu malware was addressed by MS11-087 – Duqu is no longer able to exploit that vulnerability after applying the security update. However, we wanted to be sure to address the vulnerable code wherever it appeared across the Microsoft code base. To that end, we have been working with Microsoft Research to develop a "Cloned Code Detection" system that we can run for every MSRC case to find any instance of the vulnerable code in any shipping product. This system is the one that found several of the copies of CVE-2011-3402 that we are now addressing with MS12-034.

Awesome. Hotmail uses a related system developed by MSRC for XSS attacks.

Older →

← Newer

 

Links

  • RSS
  • GitHub
  • Liked Posts
  • LinkedIn

H. Parker Shelton

I'm just an ordinary thirty-something who's had some extraordinary opportunities. I graduated from Johns Hopkins University, work for Microsoft in Silicon Valley, code websites and applications, take the occasional photograph, and keep a constant eye on current events, politics, and technology. This blog is the best of what catches that eye.

 
  • © 2010 – Present, H. Parker Shelton (Except Where Noted)
  • Hosted by GitHub Pages
  • Design by Ian P. Hines