[Full-disclosure] More information on ZERT patch for ANI 0day
xenophage0 at gmail.com
Wed Apr 4 02:20:33 BST 2007
On 4/3/07, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
<sbradcpa at pacbell.net> wrote:
> the community need that they are reacting to. Gadi and the crew work
> hard and have my respect for their efforts.
Agreed. Previous patches worked as advertised with no adverse side
> If you are willing to evaluate the eEye patch, Zert's should be higher
> on your list as well since reportedly it works better than eEye's.
eEye's patch only protects from attacks outside of %systemroot%. If
an attacker can place a vulnerable file within %systemroot%, all bets
ZERT's patch, on the other hand, protects regardless of where the file
is located. It specifically prevents the stack overflow condition by
blocking chunks larger than 36 bytes from being copied.
> Regardless it's a moot point. The real patch is out.
> Install that one. It's on Windows update now.
ISC is reporting problems with the Microsoft patch. A problem with
the Realtek HD Audio Control Panel has been confirmed and patched by
Microsoft. Other problems have been reported but no additional
information on them has been released at this point.,
Jason 'XenoPhage' Frisvold
XenoPhage0 at gmail.com
Full-Disclosure is hosted and sponsored by Secunia.