The War Between Hackers and MS
There's an interesting post by Summers regarding Robert Hensing's security Incident Response team at Microsoft. Summers writes that because cracker kiddeez have figured out how to replace WINLOGON.EXE, the time to be complacent about security updates has come and gone. Kinda makes you want to head home as fast as possible and unplug everything, eh?
Why does Hacking WinLogon.Exe matter? Because it's your root -- it's your machine -- it controls everything. And now hackers know how to do this. Perhaps they've know for awhile.
Hensing at Microsoft explains that part of the hack includes obfuscation techniques using GIFs as EXEs -- after all, you can run any file, regardless of its extension from inside a command shell if it is an executable. Kind of scary.
The point of all of this? It just goes back to the fact that MS products continue to be swiss-cheese for any hacker worth his salt.
Why does Hacking WinLogon.Exe matter? Because it's your root -- it's your machine -- it controls everything. And now hackers know how to do this. Perhaps they've know for awhile.
Hensing at Microsoft explains that part of the hack includes obfuscation techniques using GIFs as EXEs -- after all, you can run any file, regardless of its extension from inside a command shell if it is an executable. Kind of scary.
The point of all of this? It just goes back to the fact that MS products continue to be swiss-cheese for any hacker worth his salt.
0 Comments:
Post a Comment
<< Home