Thursday, January 3rd, 2008
I hope everyone had a great New Year! I had a sweet New Year… Liddell laid a serious smack down, I spent a few days boarding the slopes of Mt Baker, and I came across a sweet new blog from Secure Windows Initiative (SWI) at Microsoft.
Damian Hasse, Jonathan Ness, and Greg Wroblewski from SWI are going to give a technical analysis of vulnerabilities being fixed by the patches released on “patch Tuesday”. Taking a look at the analysis and the level of detail they go into and I must say… I’m impressed. One of the examples discussed by the guys from SWI (MS07-63) shows the differences between pre-patch and post-patch SMB packets and even includes a pcap file of pre-patch SMB packets.
I think initiatives like this are awesome. Bad guys are going to figure this stuff out via reverse engineering, why not help the good guys understand what they are patching as well. Providing technical information about vulnerabilities can help a good security team better understand and mitigate the business risks associated with vulnerabilities. I can even see some resourceful professor using the analysis provided by SWI as case studies for prospective security pros. Check it out sometime! Great job guys!