Microsoft Baseline Security Analyzer exploit

Thanks me101 for showing me this ROFL :D Microsofts attempt on a clamped down security method for Windows PC's has a major flaw.. The program itself! read on..

After MBSA analyzes the system for security vulnerabilities, a report is created as a plain text file that includes sensitive information that can be used by hackers to attack the specific machine. MBSA was created to help users become aware of risks and available patches. However, MBSA turns the simple vulnerability of reading local files into a much more powerful vulnerability. Such a simple vulnerability allows potential hackers to find out about vulnerabilities that enable full control over the machine that is under attack. These are automatic attacks.

This means that active content (executables, scripts, ActiveX, Java, etc.) has the ability to generate a list of vulnerabilities or read a previously created list, and can then utilize these vulnerabilities to its advantage. Even if this report can be accessed only by a specific user, the active content can access it too.

Technical overview:

MBSA creates a report that includes sensitive information that can be used by hackers and save them research time. The report can be accessed by a malicious active content:

1. The report is written to a known folder, e.g., C:Documents and SettingsusernameSecurityScans. The user cannot change this location.

2. The XML report is written in plain text and can be used by hackers to find the machine's vulnerabilities.

News source: Microsoft Baseline Security Analyzer exploit @ Securiteam

View: Microsoft Baseline Security Analyzer 1.0 report from 04/09/2002

Report a problem with article
Next Article

MaxReboot reviews ATI Radeon 8500 64MB DDR

Previous Article

Why I trust Microsoft more than my bank

-1 Comments - Add comment