[conspire] Write Once, Exploit Everywhere
Rick Moen
rick at linuxmafia.com
Tue Aug 28 12:51:15 PDT 2012
Quoting Adrien Lamothe (alamozzz at yahoo.com):
> "FWIW, the current exploit is focussed solely on Win32 boxes
>
> because its payload is delivered as a Microsoft exe file.
> http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html"
>
>
> Perhaps having Wine or DOSbox installed would allow that .exe file to
> run? (I'm not going to test it.)
I was bearing in mind that possibility when I cagily said 'Win32 box'. ;->
In the past, WINE has proved only very poorly able to be sufficiently
bug-compatible with contemporaneous versions of MS-Windows to enable the
malware du jour to run and propagate. E.g.:
http://web.archive.org/web/20080403005725/http://www.linux.com/articles/42031
(No relation, by the way, though I've met Matt Moen.)
I expect the same is true of DOSBox.
More information about the conspire
mailing list