It's post-exploitation, i.e., you must already have been hacked to do this. It's a payload, not a direct exploitation itself.
It requires Administrative privileges. It isn't unique to .NET; Java is just as vulnerable. I remember MSIL injection discussed before .NET languages were ever released. But yes, still a little scary. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange From: Ziots, Edward [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 18, 2008 8:06 AM To: NT System Admin Issues Subject: New .NET Rootkits are you safe? http://www.applicationsecurity.co.il/english/NETFrameworkRootkits/tabid/161/ Default.aspx Some scary stuff J Z Edward E. Ziots Network Engineer Lifespan Organization Email: [EMAIL PROTECTED] Phone: 401-639-3505 MCSE, MCP+I, ME, CCA, Security +, Network + _____ From: Robert Cato [mailto:[EMAIL PROTECTED] Sent: Monday, November 17, 2008 6:19 PM To: NT System Admin Issues Subject: Re: Adobe Acrobat won't convert files to PDF after MS Update ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
