0-day exploit speaks Chinese, bypasses UAC

Page 2 of 2 Previous  1, 2

View previous topic View next topic Go down

Re: 0-day exploit speaks Chinese, bypasses UAC

Post by ssj100 on 1/12/2010, 23:13

aigle wrote:
ssj100 wrote:DefenseWall 3.09 Beta: After executing the POC as "Untrusted", the entire system freezes for a period of time. Then, the system appears to reboot itself and a BSOD error comes up once back in Windows. A rights level check in command prompt shows that the user rights have not changed, and therefore DefenseWall prevented the POC's main aim. However, DefenseWall users may not enjoy the spontaneous system freeze and BSOD caused by this POC.
Hmmm... not sure if DW is protecting against this exploit or not as system was rebooted. In my testing if I run the POC and just reboot the PC, the user rights are fixed back to normal automatically.
Good point. DefenseWall probably failed against this POC initially, hence Ilya's delay to release the final version of 3.09. Of course, you won't hear much of this failure now, since DefenseWall has now been patched to block the POC. Certainly there was nothing mentioned on the DefenseWall forums about this. Most likely someone read this thread and PM'ed Ilya haha.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: 0-day exploit speaks Chinese, bypasses UAC

Post by aigle on 7/12/2010, 03:10

I tried DW and it passes the POC.
avatar
aigle
Member
Member

Posts : 21
Join date : 2010-07-25

View user profile

Back to top Go down

Re: 0-day exploit speaks Chinese, bypasses UAC

Post by ssj100 on 7/12/2010, 09:07

aigle wrote:I tried DW and it passes the POC.
Yes, as has been said, DefenseWall has been specifically patched to block the POC. Sandboxie and GeSWall needed no such patch.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: 0-day exploit speaks Chinese, bypasses UAC

Post by aigle on 8/12/2010, 00:51

Hmmm.....was this latest version released after the exploit was discovered? If so I will try with older version but I don,t have it.
avatar
aigle
Member
Member

Posts : 21
Join date : 2010-07-25

View user profile

Back to top Go down

Re: 0-day exploit speaks Chinese, bypasses UAC

Post by Scoobs72 on 8/12/2010, 01:37

aigle wrote:Hmmm.....was this latest version released after the exploit was discovered? If so I will try with older version but I don,t have it.

Yes, the exploit turned up midway through the latest DW beta, which was patched before the final release.

Scoobs72
Member
Member

Posts : 28
Join date : 2010-11-05

View user profile

Back to top Go down

Re: 0-day exploit speaks Chinese, bypasses UAC

Post by Sponsored content


Sponsored content


Back to top Go down

Page 2 of 2 Previous  1, 2

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum