Grey bar Blue bar
Share this:

Thu, 12 Jun 2008

Carpet Bombing and eating Crow...

The recent Safari Carpet Bombing bug reported by Nitesh Dhanjani and ignored by Apple had all the makings of an egg-on-face incident. We were discussing it over foosball, and the obvious consensus was "if a line starts with: "thats not exploitable, its only.." then odds are you are wrong.."

But.. lots of people quicker and smarter than me [1, 2, 3] blogged (or twittered) about why this was a silly approach for apple to take..

Interestingly.. Microsoft bloggers were quick to pounce on this PR-Fiasco in the making. Microsoft released a security advisory commenting on the danger of a "blended threat" - Now.. by accident (or by design) that advisory looks a lot like - "This is an Apple screwup!", indeed one of the solutions is: "Restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple."

The advisory (now) also credits "Aviv Raff" for his report. LiuDieYu0

filled in the details, pointing to Avivs 2006 Finding, which is a pure DLL search order bug (which incidentally was published as an IE7 bug). So now the Microsoft folks who were sneering at Safari all end up shuffling their feet a little while looking at the floor. All credit to RHensing from Microsoft, who quickly awarded Microsoft the FAIL open goat award too.. *ouch*

Like sands through the hourglass...