Wintercore - Thinking Code
Wintercore releases an advisory for Consona products.
Thursday, 06 May 2010 14:27

Rubén Santamarta, head of Security Assessment department of Wintercore, presented a 0day attack in the past RootedCon, a security conference that was held in Madrid last March.

The attack was comprised of several chained vulnerabilities discovered in certain Consona's products: XSS, remote code execution, local privilege escalation...This allows an attacker to remotely compromise the target's PC by enticing the victim into visiting a malicious webpage. The attacker gains SYSTEM privileges.

2 months later, thanks to the coordination services of the US-CERT, Consona has released an advisory/patch for these vulnerabilities. US-CERT and Wintercore disclosed a coordinated advisory today at 18:00.

It's worth noting that right after presenting the flaw we provided Consona's engineers, as well as other affected vendors, all the technical details about the attack.Some vendors affected are Comcast, Sony, Symantec, Dell...

Ruben's talk slides can be downloaded by clicking here

We want to make an special mention to all the people who attended RootedCon (+400) for contributing to maintain this issue "semi-private" till a patch will be available. Not an easy task, thank you so much.

References:

http://www.kb.cert.org/vuls/id/602801
http://www.consona.com/Content/CRM/Support/SecurityBulletin_April2010.pdf
 
Unpatched Java flaw opens up the door to web-based attacks.
Monday, 12 April 2010 11:20

Rubén Santamarta, head of Security Assessment department of Wintercore, has disclosed technical details about an important security flaw that affects Oracle's Java.

Malicious attackers can exploit this bug in order to execute arbitrary code on Windows-based machines,from 2000 to Windows 7, thus opening up the door to Drive-by Downloads or massive compromises. Linux users are potentially affected as well. MACOSX's users are not vulnerable.

A minimal user interaction is required to exploit this flaw, attackers should entice the victim into visiting a specially crafted webpage to gain the control over the PC. All browsers supported by Java are vulnerable, IE8, Firefox,Chrome...

Tavis Ormandy, a security engineer from Google, disclosed a similar flaw that only affects IE8 and Firefox in a post to security list "Full-Disclosure", this fact led Rubén Santamarta to release, the same day, the technical details regarding the major flaw he had discovered several weeks ago.

There is no patch available at this moment, so Wintercore urges users and system administrators to apply the provided workarounds.

Oracle has released JRE 6.0.20 to address these vulnerabilities.

http://www.java.com

 
In the Media
Wednesday, 24 March 2010 09:18

The mainstream medias are increasing the attention paid to Vulnerability Assessment field.

Thanks to success of the Spanish RootedCON, which had TV coverage, the bug detection in software or in other systems is getting more attention by the media.

Our co-worker Ruben Santamarta, an international renowned security researcher who was attending the conference as speaker and trainer, will is being interviewed by several spanish radios and newspapers.

Today is the turn of "La Cronica de Leon", an article where he unveils how the malware industry works and talks about his daily work. [+] spanish article: "El usuario doméstico es el eslabón más debil".

Tomorrow, March 25th, will be interviewed in Radio 3 at 8:15 am, in the spanish show "Aquí empieza todo".(Spanish podcast available for download as mp3)

Another interview, this time in the Radio CadenaSer http://www.wintercore.com/downloads/entrevista_cadenaser.mp3

Next week another interviewed will be aired by ComRadio.