ZERT patch

I think you have noticed that the site was down for a while. My web hoster again played the same trick: shut down the site with no notice. I’m leaving them.

While I was busy with all this stuff, the ZERT group has created a patch for the VML vulnerability. These guys did a really great job. Gil Dabah, who programmed the patch, deserves a special mention for his fast coding speed and the robustness of his code.

We all know that third party patches should be taken with caution. They can not be thoroughly tested in many environments as the official patches are. Yet the availability of such a patch is a good thing: at least you have a choice and can protect yourself today, without waiting the preprogrammed patch day.

If you use the Internet Explorer then either unregister vgx.dll (as Microsoft advices it) or install the unoffcial patch. It can be downloaded from http://isotf.org/zert.
UPD: Since the official patch is available, please use it: http:/update.microsoft.com.

Confusing instruction

A few days ago I was working on the x86 IDA module. The goal
was to have it recognize jump tables for 64-bit processors.
This is routine: we have to add new instruction idioms to the
analysis engine from time to time to keep up with new compilers.
I was typing in the patterns and hoping
that the tests would go smoothly at the first run.

Continue reading Confusing instruction