Gnosis

New Member
"Some exploitable software bugs are found by independent researchers and never reported to the software vendor. They are deadly because nobody knows about them except the attacker. This means there is little to no defense against them (no patch is available).

Many exploits that have been publicly known for more than a year are still being widely exploited today. Even if there is a patch available, most system administrators don't apply the patches in a timely fashion. This is especially dangerous since even if no exploit program exists when a security flaw is discovered, an exploit program is typically published within a few days after release of a public advisory or a software patch.

Although Microsoft takes software bugs seriously, integrating changes by any large operating system vendor can take an inordinate amount of time.

When a researcher reports a new bug to Microsoft, she is usually asked not to release public information about the exploit until a patch can be released. Bug fixing is expensive and takes a great deal of time. Some bugs are not fixed until several months after they are reported.

One could argue that keeping bugs secret encourages Microsoft to take too long to release security fixes. As long as the public does not know about a bug, there is little incentive to quickly release a patch. To address this tendency, the security company eEye has devised a clever method to make public the fact that a serious vulnerability has been found, but without releasing the details."

Information is extracted from "ROOTKITS, Subverting the Windows Kernel" by Greg Hoglund and James Butler.
 

Gnosis

New Member
I don't have a PDF version. The internet is stubborn concerning this book. I have typed almost all of what I have posted from the book. You can buy it used at Amazon for 12 bucks. That includes shipping. It is a good read. I got my used copy at Half Price Books. It is like new. I got it for 7 bucks.

A great complement to it is a book entitled "Exploiting Software". That would be kind of like "part 1" of the series, whereas ROOTKITS, Subverting... would be part II.

http://www.amazon.com/Rootkits-Subverting-Windows-Greg-Hoglund/dp/0321294319/ref=sr_1_1?s=books&ie=UTF8&qid=1347081497&sr=1-1&keywords=rootkits+subverting+the+windows+kernel

http://www.amazon.com/Exploiting-Software-How-Break-Code/dp/0201786958/ref=sr_1_1?s=books&ie=UTF8&qid=1347081567&sr=1-1&keywords=exploiting+software