The Day of the Updates

DEF CON 17

Presented by: Ava Latrope, Ne0nRa1n
Date: Saturday August 01, 2009
Time: 19:00 - 19:50
Location: Turbo/Breakout Track
Track: Turbo/Breakout

Software updates apply patches or introduce new features to an application. In most cases, the update procedure is conducted in an insecure manner, exposing the updater to execution of malicious code or to manipulation of application data such as anti-virus signatures.

This presentation will describe in detail different application-update procedures. It will then demonstrate several techniques of update-exploitation attacks, and introduce a new tool, which leverages a man-in-the-middle technique, to build and inject a fake update reply or hijack an on-going update session.

Itzik Kotler

<strong>Itzik Kotler</strong> is Radware's Security Operation Center Team's Leader. He manages a team of researchers that follows him into exciting adventures in the dark world of networking, where every standard and rule can be bent and vulnerabilities are lurking on every bit and byte. Radware SOC is a vulnerability research center that develops updated signatures and new techniques to defend known and undisclosed application vulnerabilities. Prior to joining Radware, Itzik held a number of security research positions

Tomer Bitton

<strong>Tomer Bitton</strong> is a Security Researcher at Radware, Inc. He is obsessed with rootkits and malwares and does exploits development and vulnerabilities analysis for a living. Prior to joining Radware, Tomer was a Trojan Specialist in RSA Anti-Malware Team


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats