Forgot your password?
Close
typodupeerror
Security

Microsoft's "Dead Cow" Patch Was 7 Years In the Making 203

Posted by timothy from the were-they-lean-years-or-fat-years? dept.
narramissic writes "Back in March 2001, a hacker named Josh Buchbinder (a.k.a Sir Dystic) published code showing how an attack on a flaw in Microsoft's SMB (Server Message Block) service worked. Or maybe the flaw was first disclosed at Defcon 2000, by Veracode Chief Scientist Christien Rioux (a.k.a. Dildog). It was so long ago, memory is dim. Either way, it has taken Microsoft an unusually long time to fix. Now, a mere seven and a half years later, Microsoft has released a patch. 'I've been holding my breath since 2001 for this patch,' said Shavlik Technologies CTO Eric Schultze, in an e-mailed statement. Buchbinder's attack, called a SMB relay attack, 'showed how easy it was to take control of a remote machine without knowing the password,' he said."
Microsoft

Microsoft Giving SMB2 Talks At SambaXP 53

Posted by kdawson from the pinch-me dept.
Jeremy Allison - Sam writes "I'm not much for writing blog entries, but I thought Slashdot readers might like to know that Microsoft architects and testers are attending SambaXP and have been giving some wonderful talks on how the protocol document testing works, and on the design of SMB2 in order to work well on WAN links. Really interesting technical stuff. Pinch me, I'm back in 1994 and things are really fun again :-)."

Slashdot Top Deals

Any sufficiently advanced technology is indistinguishable from magic. -- Arthur C. Clarke

Close