The Inside Story Behind MS08-067 and the Value of Telemetry

Started by Corrine, October 04, 2015, 12:57:05 AM


Corrine

Without telemetry and diligent research by Microsoft Security Engineers, Conficker would have had half a billion more targets!

Quote: Seven years ago a small set of targeted attacks began. In 2008 an unknown set of attackers had a zero day vulnerability that would soon have worldwide attention. They were patient and used it quietly in several countries in Asia. The vulnerability was not just good--it was the kind of vulnerability that offensive teams and bug hunters dream about. It was, as we say in the business, “wormable”. That word sends chills down any defender’s spine. In short, the attackers had a remote code execution (RCE) vulnerability that affected every version of Windows, gave them full control at SYSTEM level rights, left almost no forensic footprint, and could be used anonymously from anywhere on the Internet. Their exploit was 95% reliable. Almost perfect. Almost.

Details at The Inside Story Behind MS08-067 - Defender Mindset


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.