"Shattered" Windows
Results 1 to 5 of 5

Thread: "Shattered" Windows

  1. #1
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830

    "Shattered" Windows

    Last fall security researchers discovered a security flaw that used the Windows messaging system to request privileged applications to run malicious code. The original discoverer of this type of attack dubbed it "shatter."

    When informed of the flaw last fall Microsoft insisted that because the attacker would need physical access to the PC it was not a flaw at all. Microsoft maintains a position that if someone has physical access to your PC you already lost- no amount of proper coding and security precautions can stop someone with physical access and time on their hands.

    Eventually they patched it anyway. Now, researchers are pointing out that Microsoft only patched the instance of the flaw for one specific process, while leaving the root vulnerability and other applications open to attack. They state that this is not a single vulnerability, but a class of attack that many processes and applications are vulnerable to.

    For more information you can read this News.com article.

    [EDIT]had to fix spelling errors [/EDIT]


  2. #2
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Definately an interesting topic.

    If anyone has the whitepaper or stumbles across it, I would be very interested in seeing it. The given link to the whitepaper is http://security.tombom.co.uk/shatter.html however the url seems to no longer exist, and google points solely to that link.

    In my searches I did happen to stumble across Microsofts initial response to the paper and if anyone is interested in reading it, it is available @ http://www.microsoft.com/technet/tre...ews/htshat.asp

    Thanks for the info Tony, I feel kind of out of the loop having never heard about this until now.

    [Edit]
    After doing some searching on PacketStorm I still haven't found the original whitepaper. However I have found an iAlert Whitepaper entitled Win32 Message Vulnerabilities Redux, published this month. I'm on my way out the door, so I haven't read it just skimmed it, but it llooks like it's a good read.
    [/Edit]
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  3. #3
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830
    Here is a link to the iDefense White Paper

    Shatter Redux

  4. #4
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Thanks Tony, I guess I forgot to include the link. Damn these early mornings on my days off....
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  5. #5
    AO's Fluffy Bunny cdkj's Avatar
    Join Date
    Feb 2003
    Posts
    1,236
    I hope this helps you


    http://informatics.ntu.edu.au/staff/...er_attack.html <-----------This information was copied from http://security.tombom.co.uk/shatter.html. It is reproduced here just in case the original page goes missing.)

    http://public.planetmirror.com/pub/s...osoft/shatter/

    http://smokeping.planetmirror.com/pu...osoft/shatter/
    I had to google 'jfgi' to see what it meant. The irony is overwhelming.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •