Last Year's CanSecWest Winner Repeats on Vista, Ubuntu Wins

DimitryGH followed up on the earlier news that the MacBook Air lost CanSecWest by noting that "Last year's winner of the CanSecWest hacking contest has won the Vista laptop in this year's competition. According to the sponsor TippingPoint's blog, Shane Macaulay used a new 0day exploit against Adobe Flash in order to secure his win. At the end of the day, the only laptop (of OS X, Vista, and Ubuntu) that remained unharmed was the one running Ubuntu. How's that for fueling religious platform wars?"

Software sucks.

A 0-day exploit in Flash. What does Flash do? It paints to the screen. It has no need to communicate with other applications or write anywhere on the system except perhaps in a single configuration file. Why is this software not bullet proof? The thing is only a couple hundred kbytes small, for heaven's sake!

Re:Newsworthy?

[Henry+V+.009]

Second, no, this "could have happened to any OS" is wrong. A well-crafted browser (in this case, the browser is part of the OS) can in theory prevent browser plugins from accessing anything of importance. However I don't think any existing browsers do that - but they should.

Irony alert: IE7 is the only browser on the block that does this. I imagine that the vulnerability was accessed through the open-source alternative: Firefox.

And no, it's not because IE7 is part of the operating system. It's because IE7 uses Microsoft's secure API to achieve sandbox mode. Firefox really needs to start taking advantage of this API. Otherwise their "most secure way to surf" bullshit is going to be called into question real soon.

Re:Something is Fishy

[benjymouse]

I just wanted to add this: On my Vista x64 I have a service called "FlashUtil9e.exe - Adobe Flash Player Helper 9.0 r115". That's the broker process.

It is running as *me*, with my rights. Not for long now, though. Bye Flash.

Oh, and there's also an "Acrotray.exe" - from the same company. Guess what that does?