Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Java.ByteVerify exploit - SANS Internet Storm Center SANS ISC InfoSec Forums

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Java.ByteVerify exploit

Come April, we will reach the FIFTH anniversary of the ByteVerify vulnerability (MS03-011). Untangling some seriously obfuscated JavaScript coming from a couple of web sites in China earlier today, I ended up with - yes, a ByteVerify exploit. Also in the package was an MDAC exploit (MS06-014), whose second anniversary will be up this April as well.

To see these exploits still in use can only mean one thing: They still work.

And they seem to work well enough that the bad guys can instead sink their time into developing new obfuscation techniques and other ways to make analysis more difficult -- only to deliver a five year old exploit in the end. Not a very stellar testament to patching efforts.



367 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!