Skip to main content
MSRC

MS08-067

GS cookie protection – effectiveness and limitations

Monday, March 16, 2009

The Microsoft C/C++ compiler supports the GS switch which aims to detect stack buffer overruns at runtime and terminate the process, thus in most cases preventing an attacker from gaining control of the vulnerable machine. This post will not go into detail about how GS works, so it may be helpful to refer to these MSDN articles for an overview and loads of detail on how GS works and what a GS cookie is.

Read More

Chills and Thrills at FIRST

Tuesday, February 10, 2009

Sveika! Hey Steve here, been a while since I posted on the EcoStrat blog. With all the security events that happened during the latter half of 2008, I have been very focused on working with the security update releases and Microsoft Active Protections Program (MAPP). Handle: Cap’n Steve IRL: Steve Adegbite

Read More

Most common questions that we've been asked regarding MS08-067

Saturday, October 25, 2008

Since the release we have received several great questions regarding MS08-067 (http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx), thus we decided to compile answers for them. We still want to encourage everyone to apply the update. Can the vulnerability be reached through RPC over HTTP? No, the vulnerability cannot be reached through RPC over HTTP. RPC over HTTP is an end-to-end protocol that has three roles: client, proxy and server.

Read More

MS08-067: Example of Need for Increased Collaboration

Thursday, October 23, 2008

Handle: Cap’n Steve IRL: Steve Adegbite Rank: Senior Security Program Manager Lead Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard Dislikes: Not much but if you hear me growl…run You’ve probably heard that we released an out-of-band Security Bulletin for a vulnerability in Windows (MS08-067).

Read More