Alastair Houghton: ‘DMG Vulnerability Debunked’

Alastair Houghton analyzes the recent MOKB DMG kernel crasher in painstaking detail, and finds that it is not possible to exploit it to execute arbitrary code. A crasher, yes, and since it’s in the kernel, it brings down your system. But a lot of these security cowboys like to pretend that every crasher is also a potential exploit to execute arbitrary code, but leave the proof as an exercise for the reader.

Monday, 4 December 2006