Feeds

Browser crashers warm to data fuzzing

IE under attack

Top 5 reasons to deploy VMware with Tegile

Security researchers have targeted browsers with fuzzing tools in the past. In 2004, Michal Zalewski released a tool that mangled HTML code and produced frequent crashes on browsers other than Microsoft's Internet Explorer. Another researcher, Shane Hird, targeted the Windows Component Object Model (COM) and ActiveX controls using a fuzzer, finding other security issues with Internet Explorer.

"For the most part, security people have stayed away from browser bugs," Moore said. "You can't go into a company at three in the morning and exploit all their desktops. You have to have the user involved."

Browser flaws have become more important to attackers, because they allow them to slip by a network's more secure network defenses and attack the internal systems, which are generally less well guarded, said Window Snyder, chief technology officer for security start-up Matasano and a former security strategist for Microsoft.

"There are so many ways to get past the perimeter and once you are in, it's an open field," Snyder said. "Internal applications have not been audited with the same rigor as core external applications."

The change in focus leaves system administrators having to worry about which of their desktop applications have been well audited, she said.

"We have to worry about vulnerabilities in Notepad - that is now considered a product that can affect your security," Snyder said.

Yet, fuzzing tools can, and should be, used for defense, nCircle's Keanini said. In many ways, fuzzers bring the same automated code checking capabilities as the static code checkers that are now being used with greater frequency by companies to audit their program code. And company administrators who decline to check a program do so at their own risk, because program complexity - and the number of vulnerabilities - has skyrocketed, he said.

"It used to be that the client was twenty times smaller than the server," Keanini said. "That's not the case anymore. There are clients that are bigger than operating systems - it's grotesque. There is nothing thin about the client anymore."

For his part, Moore has already tired of trying out fuzzing techniques, but he may try coding one more, he said. Almost every browser has plug-ins to handle Adobe's Flash format, and the security researcher said he wonders about the code's security.

"These are plug-ins that are installed by default, and no one has really taken a look at a corrupted Flash generator," he said.

Soon, that may not be true.

This article originally appeared in SecurityFocus

Copyright © 2006, SecurityFocus

Update

Microsoft's statement was added to the article late Wednesday, following the company's response to SecurityFocus's request for comment. The original article was posted at 8am PST.

Security for virtualized datacentres

More from The Register

next story
'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
More alleged private, nude celeb pics appear online
Home Depot ignored staff warnings of security fail laundry list
'Just use cash', former security staffer warns friends
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
BitTorrent's peer-to-peer chat app Bleep goes live as public alpha
A good day for privacy as invisble.im also reveals its approach to untraceable chats
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.