Who is going to bindiff the MS WMF patch first? Already done.

apparently, guys from the funsec list:

“looked at it over someone else’s shoulder, on a 64 bit system, they
just disallowed setabort. in other words, the “functionality” is
broken (which is a good thing)” — pierre.

rings any bells?

gadi evron,
ge@beyondsecurity.com

Share
  • http://blogs.securiteam.com/index.php/archives/author/mattmurphy/ Matthew Murphy

    No bindiff needed. It is an inline’d, limited version of Ilfak’s temp patch. MS even says so themselves. :-)

  • foo dog

    This is a bogus blog post linking to some mailing list. Where is the actual message you are referencing? Look’s like someone phishing for subscriptions if you ask me…

  • Atrus

    Here’s the referenced post, in all of it’s unconvincing glory.

  • http://blogs.securiteam.com Ren & Stimpy

    Is this proof enough?
    http://blogs.securiteam.com/index.php/archives/184

    See the code youself.