Had a good time investigating this:
OpenType Font File causes Windows to crash.
Microsoft hasn’t acknowledged the bug’s presence, nor have they issued a fix. So right now, if you’re running Win2K or XP, you’re vulnerable. In my case I was able to lock up a Win2K machine so badly that it refused to ever boot again, [...]
Someone in ;login: magazine a few issues back talked about the proliferation of poorly-configured Linux boxes, and how the volume of these will eventually outstrip the quantity of poorly-configured Windows boxes as Linux increases in popularity. The notion that Linux is more secure than Windows falls apart when you have clueless users who willfully follow [...]
At work we’ve been trying out a wonderful tool from Dave Aitel of Immunity Security called SPIKE. I haven’t tried to actually use SPIKE to generate any DCE RPC calls that would actually cause a Windows box to detonate, but partly it’s because that’s not really my job; I don’t detect the vulnerabilities, I just [...]
Julian Dunn's Journal is Digg proof thanks to caching by WP Super Cache