A New Year and a TCP Vulnerability
January 11, 2008 by Daniel Peck
Filed under General, Research category.
It has been a little while since my last blog post. 2007 was a busy year, and if this month’s security update from Microsoft is any indication, then 2008 is going to be just as interesting.
There are a few interesting things about this vulnerability from a technical perspective. Primarily, it’s a bug in the network stack of the operating system, and bugs like these are extremely rare in mature software. The file affected, tcpip.sys, is among the most analyzed 352 kilobytes ever coded. The bug has been written about in numerous blogs and whitepapers by now, so I won’t waste the time to repeat that here, but I’ll take the opportunity to plug one of my new favorite blogs, Microsoft Security Vulnerability Research and Defense. Their posts on this vulnerability are the first ones they’ve put out, but if they keep them coming out like this they’re going to be the first place I visit on Patch Tuesday. Microsoft has really turned around, from once being the “enemy” to many in the security field to now being an example for other vendors in the way they handle their entire development/patching programs.
While I’m plugging things, I’d also like to give a nod to the good people at Offensive Security for their Offensive Security Certified Professional certification. I had the opportunity to take the course late last year as part of our team’s continuing education goals, and I was very impressed with the quality of the materials and the staff. For a hands-on, practical approach to learning how your systems are being attacked by the bad guys, this course cannot be beat.
Hope 2008 keeps you all (and your systems) happy and healthy.