[Dailydave] Immunity's CLOUDBURST

Dave Aitel dave.aitel at gmail.com
Mon Apr 6 21:01:11 EDT 2009


A few people have mentioned that this was a bit terse. It's "Final's"
night for a lot of people who watch college basketball I hear, so I'll
leave you with just a quick bullet list and expand on it tomorrow:

1. What you're seeing in the movie is shellcode executing on a Host
from a driver that runs in a Guest.
2. If you're running the latest update of Workstation, you're patched.
3. ESX/ESXi is not vulnerable, to my knowledge.
4. The exploit is amazing, and at some point Kostya will do a talk on it.
5. As you can see in the movie, the exploit defeats DEP/ASLR on Vista
SP1 to go from guest to host. The exploit also works on Linux, but
ScreenFlash doesn't.

More on exploits and such tomorrow.

-dave

On Sat, Apr 4, 2009 at 4:22 PM, Dave Aitel <dave.aitel at gmail.com> wrote:
> If you have a CEU subscription, access it here:
> http://www.immunityinc.com/ceu-index.shtml
>
> For a quick movie:
> http://www.immunityinc.com/documentation/cloudburst-vista.html
>
> Kostya Kortchinsky's CLOUDBURST exploit is now available to CANVAS
> Early Update subscribers. It is patched in the latest versions of
> VMware Workstation and VMware Player, etc.
>
> Thanks,
> Dave Aitel
> Immunity, Inc.
>

