IE 0day accidentally leaked to Chinese hackers
Details concerning a potentially serious security vulnerability in fully patched versions of Microsoft's Internet Explorer have been leaked to people in China, a researcher warned over the weekend. Michal Zalewski, a security researcher at Google, blogged that data concerning at least one “clearly exploitable crash” in the …
I accidentally the whole server!
Proposal:
"accidentally been indexed by Google" == "googlexed"
The 0day wasn't leaked *to* the Chinese
If you read the original blog post you'll see that Zalewski isn't saying that they accidentally leaked the data to the Chinese but that a Chinese IP address accessed Zalewski's website having used some Google search terms that suggest very heavily that they (the Chinese IP address) already knew about the vulnerability and were looking to see if anyone else knew about it.
The Chinese (allegedly) appear to have leaked the fact that they already knew about this 0day, which is interesting.
sitting on a web server
What, they just hoped no one would find it?
MS knew about it for ages, but sat on it. Now they can wait and see if it gets used, then maybe fix it after a few more months.
Must be one of the hard to fix bugs because it's commingled with other Windows features.
Oops!
hacked self wide open 'researching', coders come sniffing using the goog as mega C&C, game over.
Surfing in places you wouldn't take your Mother? Hmmm.
Tea & biscuits anyone?
Ahhh Hmmmmmm Ummmmmmmm
Ummmmmm well another Microsoft battle - with the management leading from the rear and the consumers as cannon fodder.
Hmmmmmmmmmmmmmmmm
Note to Chinese hackers
Next time use a US-based IP address and everything will be OK.
If it's that important
Why not place it in a URL that isn't accessible to Google crawlers? I mean just because you have a webserver out there does that give Google free license to crawl it? Conversely, Microsoft could take matters into their own hands and implement some form of security that would deny access to such URLs from Google IP addresses.
Blocking google crawlers
All you need is a robots.txt file to block Google crawlers from accessing specific parts of your website ... third-party crawlers might ignore though ...
http://webdesign.about.com/od/promotion/ht/htrobotstxt.htm
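An added example, not part of the comment above: checking which crawlers a robots.txt rule actually covers, using Python's standard `urllib.robotparser`. The directory name, file name and the `ExampleBot` agent are constructed for illustration.

```python
from urllib.robotparser import RobotFileParser

# Constructed sample: the rule names Googlebot only.
GOOGLE_ONLY = """\
User-agent: Googlebot
Disallow: /private-research/

User-agent: *
Disallow:
"""

# Constructed sample: the same rule applied to every crawler.
ALL_CRAWLERS = """\
User-agent: *
Disallow: /private-research/
"""


def agents_allowed(robots_txt, path, agents):
    """Return the agents that may still fetch `path` under these rules.

    This models crawlers that honour robots.txt. A client that ignores
    the file is unaffected by it, so anything that must stay private
    needs server-side access control as well.
    """
    parser = RobotFileParser()
    parser.parse(robots_txt.splitlines())
    return [agent for agent in agents if parser.can_fetch(agent, path)]


def audit(robots_txt, paths, agents):
    """Map each sensitive path to the crawlers the file does not cover."""
    return {path: agents_allowed(robots_txt, path, agents) for path in paths}


if __name__ == "__main__":
    agents = ["Googlebot", "bingbot", "ExampleBot"]
    paths = ["/private-research/notes.html"]  # constructed path
    for name, text in (("GOOGLE_ONLY", GOOGLE_ONLY), ("ALL_CRAWLERS", ALL_CRAWLERS)):
        for path, uncovered in audit(text, paths, agents).items():
            print(f"{name}: {path} still crawlable by {uncovered or 'none'}")
```
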
Double take...
>On December 30, detailed search queries [At Google?] showed that the sensitive information, in addition to files for an unpublished security tool, had been retrieved by the unknown party.<
Am I reading this right? Google employees casually check the Google search logs to see who (IP address, unique cookies etc) used specific search phrases?
The Lord and Scroogle help us :-(
Paris - because Michal Zalewski knows I searched for her on Christmas Eve.
weblog
Nope - the user's own web server logs would have provided all of that information.
Microsoft
So, another critical security bug in MS software.
Yet another reason for offices around the world to ditch their shitty software and move to another OS. (ANY other OS!)
Any other OS?
Why do you think joyriders steal certain types of car? Because they are common, cheap, and poorly protected. Lowest common denominator.
Once any OS achieves a reasonable market penetration it will very quickly come under the same level of attack as Windows. But given Windows has ~87% of the market, who'd go chasing anything but Windows?
I'm not defending MS - their stuff is leaky as hell and needs fixed or replaced. But don't be under the illusion that other OSs are bug and vulnerability free. If the same effort was focused on finding faults, far more would be discovered.
Ironic that Open Source Linux is essentially Security by Obscurity since it has such a limited user base :)
Chinese?
Who? I am in Hong Kong as sundry web services insist on reminding me with unwanted content.
What does that make me? Chinese?
I'm from Liverpool and as they say there as a farewell parting to an unwanted acquaintance : "Have an accident".
«Accidentally leaked to Chinese hackers» ?
This is how Michal Zalewski himself sums up the matter : «[t]he pattern is very strongly indicative of an independent discovery of the same vulnerability in MSIE using unrelated tools, eventually leading the discoverer to my site; other explanations for this pair of consecutive searches seem extremely unlikely». I am aware that the US military and that country's foreign ministry, not to speak of legislators seeking votes and certain economists seeking brownie points, tend to portray the Chinese as their favourite bêtes noires, but do Reg columnists have to join the chorus ?...
Henri
@mhenriday: Don't Worry, China has Nukes
Even if much of these allegations are fabricated, it won't matter too much because since Mao the Chinese have a functioning military the U.S. won't want to mess with. (see Korea)
From what I know out of non-government sources, Chinese IT equipment is indeed often laden with some sort of malware features. Think of IP-connected cameras streaming images home to their manufacturer and the like. Simple logging at the gateway will give them away, so their methods are still quite rough...
