I don't want to be rude but... we're talking about a win32 local exploit here !!!! My question would be... Why would anyone want to patch it ? Here are some reasons for not bothering about it. 1. Important servers/workstations should NOT use win32 2. Currently there are plenty of remote vulnerabilities which leave you with enough priviledge to do some nasty stuff on a Win32-box (OK, if someone will create an automated Shatter version that could be used to gain more priviledge on a "owned" win32 but than again... see reason no 1 :) 3. As long as someone needs phisical access for this it's not really such a serious problem.. usually when someone has phisical access to a computer he can do mostly whatever he/she wants. Without using exploits... 4. And probably the most important reason: Shatter is one of those mostly harmless yet very neet exploits that you can impress your friends with... or you can quickly hack your gf's account while she's changing her clothes (ok, during this time you could also take her computer bring it to your place, take out the hdd copy every file on it and then still have the time to go back to her place and light up a cigarete. :)) -- ------------------------ Proud member of PentaGuard "Making the net a safer place since 1998"
This archive was generated by hypermail 2b30 : Sun Aug 25 2002 - 09:15:50 PDT