Windows, Ubuntu, and Auto-Run

Isaac Newton’s third law states there is an equal and opposite reaction for every action.  Who would have thought while Microsoft improves their security posture that a linux distribution would dumb down their standard config and end up with worse security?

Microsoft has learned their lesson and recently announced security updates that backport the autoplay protection existing in Windows 7 to Windows XP.  You can read more about their reasoning here.

At Shmoocon last week, John Larimer showed how GNOME’s evince can be abused to exploit autorun functionality in Linux.  *Note: ASLR and AppArmor were disabled during the PoC.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s