Microsoft publish analysis of the zero day bug
Michael Howard from the Microsoft's Security Team has published an analysis of, the recent zero day vulnerability for which Microsoft released an emergency patch. The examination shows how there was no heap corruption or heap based overrun, but an invalid pointer dereference in MSHTML.DLL
, when handling data binding.
The posting also covers how the bug evaded various protection mechanisms in Windows, which mechanisms caught it and how the Security Development Lifecycle failed to detect the problem. Howard concludes "I think this bug is a great example of 'you will never get the code 100 per cent right, so multiple defenses are critical.'"
See also:
- MS08-078 Microsoft security bulletin on the vulnerability.
(djwm)