THE SKY IS FALLING!!!
OK, maybe it’s not falling but if you listen to SANS or Symantec this past week you would think it is.
Let me first start with SANS. If one was to look up “Sans” in the dictionary they would find this:
Sans = to be without. Perhaps in the future we will see this definition changed to be Sans = stating the known and obvious. To see exactly what I am talking about give this article a quick read. Basically, SANS has sounded the alarm over the fact that one could reverse engineer a Cisco IOS patch and perhaps find details of a vulnerability.
Quick! Someone stop the presses and welcome SANS to 1995 (or earlier). Reverse engineering patches is nothing new and has been done for years and years and yes this includes IOS patches. Sure, I will concede that today it is much easier to reverse engineer a patch due to the improvement in tools and of course the improvement of educational resources on this topic but does it really surprise anyone that potential “bad guys” will reverse a patch to find a bug? Especially when we look at how far behind most router devices are in patches…
Now on to Symantec. Earlier this week Symantec sent out alerts regarding a “Zero Day” vulnerability in Adobe Flash being exploited in the wild. Of course, IT Security guys were concerned as it is tough to find a computer with out a version of Adobe Flash on it and geeks like me looked for samples and attempted to figure out what was really going on.
As it turns out, today, Symantec changed their mind stating that it is in fact not a zero day bug but a known bug that was discovered by Mark Dowd over at ISS that was reported and patched already by Adobe. Of course this doesn’t change the fact that the bug is being exploited in the wild and there seems to be some question over the effectiveness and completeness of the original patch.
I am sure we will see many news articles over the next couple of weeks attempting to explain what is really going on. Meanwhile IT guys can breath a sigh of relief as the sky is in fact not falling.