Slashdot Mirror
Honeymonkeys Discover Undisclosed Vulnerability
spafbnerf writes "Securityfocus is running an article on Microsoft's honeymonkey project, previously covered on Slashdot. In early July 2005, this project discovered its first exploit for a vulnerability that had not been publicly disclosed, the JView profiler vulnerability which Microsoft announced later that month. "
Genuine advantage is required only for non-security related updates. Security updates will keep streaming to your computer irrespective of Windows Genuine Advantage
Hi, at least with Windows XP it did not!
And it has a valid license. Automatic updates
worked until that 'genuine advantage' thing, when
I had to run it manually (to install the new update wizard). Only after that the genuine advantage installed and only after that
security updates have been installed.
I can't believe that people are lapping this up.
The so-called vulnerability that Microsoft claim to have found a 0-day for in the second week of July was actually discovered by SEC-Consult, and first published on June 29, having discovered it, and notified Microsoft on June 17. There was effectively nil response from Microsoft (they claimed to have not been able to reproduce the issue...).
While many people believe that the sample object used, the javaprxy.dll, was the flaw itself, the first paragraph of the advisory (the background) indicates that it is a COM level issue, and they identified at least 20 vulnerable objects on a standard XP installation.
It was this issue that Microsoft ignored until the recent Black Tuesday updates, and then claimed ownership of via the honey monkey project.
Sorry, guys, you can't claim something that has already been published openly, and ignored when notified.
InfoSec that matters, when it counts.
IE 7 in Vista can supposedly run in a "self-lock-down" mode that denies itself a lot of access, even more than a normal "limited user account". It's been mentioned in ieblog, just google it.