Mystery solved: MS emergency patch precedes Black Hat session

Black Hat session is set to explain how to override "killbit" patches.

Microsoft's latest emergency out-of-band patch was weird beyond belief. A notice was sent to journalists and researchers late Friday evening that the patch was coming Tuesday, but Microsoft refused to explain the flaw and even put a cone of silence around researchers who would otherwise talk about it. But finally, one researcher broke rank and explained that the patch was caused by a flaw introduced in Microsoft's own development tools. This flaw was also the source of the emergency ActiveX patch, which took about 18 months to complete and which supposedly fixed the problem by turning off the affected ActiveX control (setting a "killbit" on the control). Researchers at Black Hat on Wednesday will be demonstrating how to override the killbit controls and get access to vulnerabilities supposedly stopped with a killbit. Microsoft has issued 175 killbit fixes so far.
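For a defender, the practical question is which controls on a given machine actually carry the kill bit, since a kill bit that never landed offers no protection at all. The PowerShell below is an added example, not code from this post or from Microsoft; it reads the "Compatibility Flags" value Internet Explorer consults for each CLSID, where bit 0x400 is the kill bit, and the CLSID it checks is a placeholder.

```powershell
# Added example (not from the original post): audit which ActiveX controls
# have the IE kill bit set on this machine. The kill bit is bit 0x400 of the
# "Compatibility Flags" DWORD under the ActiveX Compatibility key
# (documented in Microsoft KB 240797). The CLSID used below is a placeholder.
$CompatKey = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility'
$KillBit   = 0x400

function Get-KillBitStatus {
    param([Parameter(Mandatory)][string]$Clsid)
    $path = Join-Path $CompatKey $Clsid
    $item = Get-ItemProperty -Path $path -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if (-not $item) {
        # No entry at all: the control is not kill-bitted.
        return [pscustomobject]@{ Clsid = $Clsid; Flags = $null; KillBitSet = $false }
    }
    $flags = $item.'Compatibility Flags'
    [pscustomobject]@{
        Clsid      = $Clsid
        Flags      = ('0x{0:X}' -f $flags)
        KillBitSet = (($flags -band $KillBit) -ne 0)
    }
}

function Get-AllKillBits {
    # Enumerate every CLSID under the compatibility key and keep those
    # whose flags include the kill bit.
    Get-ChildItem -Path $CompatKey -ErrorAction SilentlyContinue |
        ForEach-Object { Get-KillBitStatus -Clsid $_.PSChildName } |
        Where-Object { $_.KillBitSet }
}

# Check one control (placeholder CLSID; substitute the one named in an advisory).
Get-KillBitStatus -Clsid '{00000000-0000-0000-0000-000000000000}'

# Count everything currently kill-bitted, to compare against the advisory list
# and catch kill-bit updates that did not apply.
(Get-AllKillBits | Measure-Object).Count
```

On 64-bit Windows the 32-bit browser reads the same key under `SOFTWARE\Wow6432Node`, so audit both hives when checking a 64-bit host.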

I've posted the full written statement by former Microsoft security dude Eric Schultze, who is now CTO of patch management vendor Shavlik Technologies, St. Paul, Minn., here, along with links to the patches: http://www.networkworld.com/community/node/43932


Copyright © 2009 IDG Communications, Inc.
