-
August 27th, 2005, 05:09 PM
#1
Windows flaw may hide malicious software
Bring on the updates . . .
Published: August 26, 2005, 5:11 PM PDT
By Joris Evers
Staff Writer, CNET News.com
Miscreants could hide their malicious software on a Windows PC by using overly long registry keys, security experts have warned.
http://news.com.com/Flaw%20may%20hid...3863&subj=news
More from SANS . . .
http://isc.sans.org/
-
August 27th, 2005, 05:16 PM
#2
That does nothing to hide the malicious software. All it does is prevent certain AV's and whatnot from detecting it.
The keys are still in plain sight.
Just use regedit like a good little hax0r.
-
August 27th, 2005, 06:04 PM
#3
Hidden from AV's isn't hidden enough ??
You're right, but most people don't cruise the registry to see if anything is there that they don't want. If monitoring software can't see it and it doesn't bring attention to itself, it is as good as invisible.
-
August 27th, 2005, 06:20 PM
#4
I believe that this security risk would fit under the topic of "ignorant user"?
You pay $1k+ for a machine that you don't even bother to learn the basics of?
-
August 27th, 2005, 06:40 PM
#5
Never mind the fact that most home users go about their day to day under a full administrative account and allow any number of system critical files to be changed. At least this way the system will be clean... because the OS said so.
-
August 28th, 2005, 08:46 PM
#6
Originally posted here by d0pp
That does nothing to hide the malicious software. All it does is prevent certain AV's and whatnot from detecting it.
The keys are still in plain sight.
Just use regedit like a good little hax0r.
The point is that you can't see them with regedit, and many tools bug out when viewing the overly long reg name.
What can and can't spot a malicious key:
http://isc.sans.org/diary.php?date=2005-08-25
No reason for it not to show up in new malware...
-
August 29th, 2005, 01:45 PM
#7
And once again assumption is the mother of all ****ups..
I didn't know even regedit assumed 256 chars max...
stupid !
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio the best station for C64 Remixes !
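An added example, not part of any post in this thread: a defender's check that reads value names through the registry API instead of a viewer and flags any that are longer than a display limit. The 255-character limit (from the "256 chars max" remark above), the choice of the Run keys, and all function names are assumptions of this example.

```python
import sys

# Assumption: 255 is the longest name older viewers display, taken from the
# "256 chars max" remark in the thread. Adjust to match the tool you rely on.
DISPLAY_LIMIT = 255

# Assumed starting points: the per-machine and per-user Run autostart keys.
RUN_KEYS = [
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\Run"),
]

def flag_long_names(key_path, value_names, limit=DISPLAY_LIMIT):
    """Return one finding per value name longer than `limit` characters."""
    return [
        {"key": key_path, "length": len(name), "preview": name[:40]}
        for name in value_names
        if len(name) > limit
    ]

def enum_value_names(hive, path):
    """List every value name under a key via the registry API (Windows only)."""
    import winreg
    root = {"HKLM": winreg.HKEY_LOCAL_MACHINE,
            "HKCU": winreg.HKEY_CURRENT_USER}[hive]
    with winreg.OpenKey(root, path) as key:
        value_count = winreg.QueryInfoKey(key)[1]
        return [winreg.EnumValue(key, i)[0] for i in range(value_count)]

def scan(keys=RUN_KEYS):
    """Check each configured key and collect findings for over-long names."""
    findings = []
    for hive, path in keys:
        try:
            names = enum_value_names(hive, path)
        except OSError:  # key missing or access denied
            continue
        findings.extend(flag_long_names(hive + "\\" + path, names))
    return findings

if __name__ == "__main__":
    if sys.platform == "win32":
        results = scan()
    else:
        # Constructed sample so the check can be exercised off Windows.
        results = flag_long_names("SAMPLE\\Run", ["Updater", "x" * 300])
    for f in results:
        print(f"{f['key']}: value name of {f['length']} chars: {f['preview']}...")
```

A finding only means the name is longer than the assumed display limit; the value's data still has to be reviewed to decide whether it is malicious.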