Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Java.ByteVerify exploit SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Java.ByteVerify exploit

Come April, we will reach the FIFTH anniversary of the ByteVerify vulnerability (MS03-011). Untangling some seriously obfuscated JavaScript coming from a couple of web sites in China earlier today, I ended up with - yes, a ByteVerify exploit. Also in the package was an MDAC exploit (MS06-014), whose second anniversary will be up this April as well.

To see these exploits still in use can only mean one thing: They still work.

And they seem to work well enough that the bad guys can instead sink their time into developing new obfuscation techniques and other ways to make analysis more difficult -- only to deliver a five year old exploit in the end. Not a very stellar testament to patching efforts.



371 Posts
ISC Handler
Jan 11th 2008

Sign Up for Free or Log In to start participating in the conversation!