Attackers pass on OS, aim for drivers and apps


The disappearance of easy-to-find flaws in the major operating systems has pushed vulnerability researchers to branch out from finding security issues in core system software and instead concentrate on the device drivers and client-side agents present on all PCs, security experts said on Wednesday at the Black Hat Briefings.

During a presentation, two vulnerability researchers from security firm Matasano presented the results of their research on the common software agents included on many enterprise computer systems. The two researchers, David Goldsmith and Thomas Ptacek, found numerous vulnerabilities in the agents designed to handle automatic updating, schedule backup tasks and handle support requests, the researchers said. Attackers pass on OS, aim for drivers and apps

Linked by shanmuga Friday, 4th August 2006 2:50AM