ssj100 Security Forums
Would you like to react to this message? Create an account in a few clicks or log in to continue.

0-day exploit speaks Chinese, bypasses UAC

5 posters

Page 2 of 2 Previous  1, 2

Go down

0-day exploit speaks Chinese, bypasses UAC - Page 2 Empty Re: 0-day exploit speaks Chinese, bypasses UAC

Post by ssj100 1/12/2010, 23:13

aigle wrote:
ssj100 wrote:DefenseWall 3.09 Beta: After executing the POC as "Untrusted", the entire system freezes for a period of time. Then, the system appears to reboot itself and a BSOD error comes up once back in Windows. A rights level check in command prompt shows that the user rights have not changed, and therefore DefenseWall prevented the POC's main aim. However, DefenseWall users may not enjoy the spontaneous system freeze and BSOD caused by this POC.
Hmmm... not sure if DW is protecting against this exploit or not as system was rebooted. In my testing if I run the POC and just reboot the PC, the user rights are fixed back to normal automatically.
Good point. DefenseWall probably failed against this POC initially, hence Ilya's delay to release the final version of 3.09. Of course, you won't hear much of this failure now, since DefenseWall has now been patched to block the POC. Certainly there was nothing mentioned on the DefenseWall forums about this. Most likely someone read this thread and PM'ed Ilya haha.
ssj100
ssj100
Administrator
Administrator

Posts : 1390
Join date : 2010-04-14

https://ssj100.forumotion.com

Back to top Go down

0-day exploit speaks Chinese, bypasses UAC - Page 2 Empty Re: 0-day exploit speaks Chinese, bypasses UAC

Post by aigle 7/12/2010, 03:10

I tried DW and it passes the POC.
aigle
aigle
Member
Member

Posts : 21
Join date : 2010-07-25

Back to top Go down

0-day exploit speaks Chinese, bypasses UAC - Page 2 Empty Re: 0-day exploit speaks Chinese, bypasses UAC

Post by ssj100 7/12/2010, 09:07

aigle wrote:I tried DW and it passes the POC.
Yes, as has been said, DefenseWall has been specifically patched to block the POC. Sandboxie and GeSWall needed no such patch.
ssj100
ssj100
Administrator
Administrator

Posts : 1390
Join date : 2010-04-14

https://ssj100.forumotion.com

Back to top Go down

0-day exploit speaks Chinese, bypasses UAC - Page 2 Empty Re: 0-day exploit speaks Chinese, bypasses UAC

Post by aigle 8/12/2010, 00:51

Hmmm.....was this latest version released after the exploit was discovered? If so I will try with older version but I don,t have it.
aigle
aigle
Member
Member

Posts : 21
Join date : 2010-07-25

Back to top Go down

0-day exploit speaks Chinese, bypasses UAC - Page 2 Empty Re: 0-day exploit speaks Chinese, bypasses UAC

Post by Scoobs72 8/12/2010, 01:37

aigle wrote:Hmmm.....was this latest version released after the exploit was discovered? If so I will try with older version but I don,t have it.

Yes, the exploit turned up midway through the latest DW beta, which was patched before the final release.

Scoobs72
Member
Member

Posts : 28
Join date : 2010-11-05

Back to top Go down

0-day exploit speaks Chinese, bypasses UAC - Page 2 Empty Re: 0-day exploit speaks Chinese, bypasses UAC

Post by Sponsored content


Sponsored content


Back to top Go down

Page 2 of 2 Previous  1, 2

Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum