length: 00:13:30

4 bulletins covering 6 vulnerabilities

Most critical: MS08-026 , MS08-029

1 was used in the wild: Access vulnerability

It’s interesting because the researcher was frustrated wby the fact M$ not taking any action to the vulnerability that has been reported- so he started to put a lot of PoC to Full Disclosure with the message:

“well, M$ consider this is not unsafe, so I guess it’s OK for me to send the link of there exploit to everybody….”

Mdb. Extension

Outlook thread these file as unsafe – prevent the client to access it

The attacks use word doc to hide the db file to different extension – client is not longer blocking the file

.doc now is the point of entry

2 remote code execution in word – also affect Macs

2 DoS on the M$ antimalware

In the last 2 year SSX took over BoF