Last Year's CanSecWest Winner Repeats on Vista, Ubuntu Wins

DimitryGH followed up on the earlier news that the MacBook Air lost CanSecWest by noting that "Last year's winner of the CanSecWest hacking contest has won the Vista laptop in this year's competition. According to the sponsor TippingPoint's blog, Shane Macaulay used a new 0day exploit against Adobe Flash in order to secure his win. At the end of the day, the only laptop (of OS X, Vista, and Ubuntu) that remained unharmed was the one running Ubuntu. How's that for fueling religious platform wars?"

Software sucks.

A 0-day exploit in Flash. What does Flash do? It paints to the screen. It has no need to communicate with other applications or write anywhere on the system except perhaps in a single configuration file. Why is this software not bullet proof? The thing is only a couple hundred kbytes small, for heaven's sake!

Re:Newsworthy?

[Henry+V+.009]

Second, no, this "could have happened to any OS" is wrong. A well-crafted browser (in this case, the browser is part of the OS) can in theory prevent browser plugins from accessing anything of importance. However I don't think any existing browsers do that - but they should.

Irony alert: IE7 is the only browser on the block that does this. I imagine that the vulnerability was accessed through the open-source alternative: Firefox.

And no, it's not because IE7 is part of the operating system. It's because IE7 uses Microsoft's secure API to achieve sandbox mode. Firefox really needs to start taking advantage of this API. Otherwise their "most secure way to surf" bullshit is going to be called into question real soon.

Re:Something is Fishy

[benjymouse]

I just wanted to add this: On my Vista x64 I have a service called "FlashUtil9e.exe - Adobe Flash Player Helper 9.0 r115". That's the broker process.

It is running as *me*, with my rights. Not for long now, though. Bye Flash.

Oh, and there's also an "Acrotray.exe" - from the same company. Guess what that does?

Re:What kind of exploit?

[kesuki]

well, firefox updating the day before a hacking contest would indeed make the ubuntu platform (the only one where firefox is default) the most secure, but one would think that if firefox is going to play that way, that Microsoft would release any patches they had in development the day before too, to be on the same playing field.

the fact that apple got cracked first, and presumably in a safari exploit shows that apple does not have the kind of security resources of either firefox (supported by aol, and google) or Microsoft can bring to a competition. Since the Microsoft vista system was taken out by an adobe vulnerability, and I often hear of adobe products having security holes, they might be in the same kind of boat as apple when it comes to releasing security patches.

Re:Popcorn anyone?

[xenocide2]

As an option, but not by default. As I understand it, someone asked why SELinux wasn't in Ubuntu, and when told "nobody wants to do the work", they went and did it.