Comment Re:Does the patch actually work? (Score 1) 59
Yes, it actually shows the results of a patched ROM.
There is a (short) analysis of the patch at: http://www.reddit.com/r/programming/comments/ggeac/security_advisory_plumber_injection_attack_in/c1nefj4
Comment Re:Does the patch actually work? (Score 1) 59
It's a real patch. The second video is the result of attempting to run the same speed run on a patched copy.
Submission + - Plumber Injection Attack in Bowser’s Castle (ksplice.com) 1
An anonymous reader writes: Security Advisory SMB-1985-0001: Plumber Injection Attack in Bowser’s Castle
Ksplice, working in conjunction with Lakitu Cloud Security, has released a high-severity advisory about a Plumber Injection attack in multiple versions of Bowser's Castle. An Italian plumber could exploit this bug to bypass security measures (walk through walls) in order to rescue Peach, to defeat Bowser, or for unspecified other impact.
This vulnerability is demonstrated by "happylee-supermariobros,warped.fm2". Attacks using this exploit have been observed in the wild, and multiple other exploits are publicly available. A patch has been made available.
Ksplice, working in conjunction with Lakitu Cloud Security, has released a high-severity advisory about a Plumber Injection attack in multiple versions of Bowser's Castle. An Italian plumber could exploit this bug to bypass security measures (walk through walls) in order to rescue Peach, to defeat Bowser, or for unspecified other impact.
This vulnerability is demonstrated by "happylee-supermariobros,warped.fm2". Attacks using this exploit have been observed in the wild, and multiple other exploits are publicly available. A patch has been made available.