BugTraq
Defense in depth -- the Microsoft way (part 8): execute everywhere! Aug 24 2013 09:32PM
Stefan Kanthak (stefan kanthak nexgo de) (1 replies)
Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere! Aug 24 2013 10:33PM
Jeffrey Walton (noloader gmail com) (3 replies)
Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere! Aug 26 2013 03:16PM
James Lay (jlay slave-tothe-box net) (1 replies)
> On Sat, Aug 24, 2013 at 5:32 PM, Stefan Kanthak
> <stefan.kanthak (at) nexgo (dot) de [email concealed]> wrote:
>> Hi,
>>
>> since it's start about 20 years ago Windows NT supports (fine
>> grained)
>> ACLs, including the permission "execute file".
>>
>> In their very finite wisdom Microsoft but decided back then to have
>> this permission set on EVERY file a user creates (and assumes it is
>> set on local and remote file systems which dont support ACLs).
>>
>> The result: on Windows, malware can run everywhere (and since CWD
>> alias "." is in the path, can be started everywhere)!

Keep these coming...these are very interesting reads...thanks Stefan.

James

[ reply ]
Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere! Aug 25 2013 12:07AM
Stefan Kanthak (stefan kanthak nexgo de)


 

Privacy Statement
Copyright 2010, SecurityFocus