Ginger & Photon

[This was originally published on the OSVDB blog.]

Recently at the CanSec West conference, Window Snyder from Microsoft gave a talk about Windows XP SP2 security internals. Looking past a bulk of the talk, one portion of it stuck out in the minds of many vulnerability researchers. Unfortunately, the press has only given it a small blurb in the various articles so far.

From http://www.theregister.co.uk/2005/05/09/microsoft_on_sp2_security_process/

Moreover, the company found and fixed two classes of vulnerabilities that have not been discovered elsewhere, she said.

“These are entire classes of vulnerabilities that I haven’t seen externally,” Snyder said. “When they found these, (the developers) went on a mission, found them in all parts of the system, and got rid of them.”

Snyder remained mum on the details, however, even giving the families of vulnerabilities fake code names: “Ginger” and “Photon.”

Two entire classes of vulnerabilities discovered and fixed, that have never been seen externally? This seems a bit difficult to believe to me. I recall over the last few years during various conversations and email discussions where I challenged someone to name the last class of vulnerabilities that surfaced. Not counting these, I believe it has been years?

Anyone have fun speculation regarding what Ginger and Photon might be? Could they be found nowhere else because they are native to Microsoft/Windows? Could it be a big PR gig to further promote trustworthy computing?

Leave a Reply

%d