Friday, January 06, 2006

HD Moore and WMF disclosure

The WMF defect that has been all over the news media recently had one component that was just foolish. Once 'hacker' exploits had been discovered by the community, H.D. Moore very quickly created an exploit that demonstrated how the vulnerability works. Some people are claiming that this kind of public disclosure is irresponsible and there are even polls denouncing HD.

Nothing could be further from the truth. The bad guys already had exploits and were set up to succeed. He saved a lot time for the security community. For example, using his exploit, we could very quickly verify that our Memory Firewall technology just protected against any of the exploits out there with no loss of functionality. It would have taken us extra time to verify that without the existence of an exploit. We were able to build on that to find other indepth facts about the various bugs in the wmf parser.


Post a Comment

<< back