Michael Evanchik

I was able to take over someone's computer , without any user intervention at all using a method called exception handling. I put an onerror tag into html which pointed to a local html file on the machine that would give the code running the authority of which the user was running on access to whatever they could do, I could do. Thats why I really dont understand why Microsoft hands over brand new...more

AIM Hack Shows AOL Hasn't Patched Critical Security Hole
A hacker finds a remote exploit for AIM 6.5 that demonstrates AOL failed to fix a known security flaw. Instead, the company tries to filter instant messages for bad code.

January 2, 2006

was the first person to break microsoft xp service pack 2 which they spent more the our missile defense system on and is why Windows Vista didnt turn out so well because Windows XP was getting so many viruses at the time they took a huge team to complete reengineer the operating system so it was ALLOT safer from such attacks. Two weeks later after its release I broke the security model.

‘Although hundreds of millions of dollars have been spent on securing SP2, perfection is impossible. Through the joint effort of Michael Evanchik and Paul from Greyhats Security, a very critical vulnerability has been developed that can compromise a user’s system without the need for user interaction besides visiting the malicious page. The vulnerability is not actually a vulnerability in itself, but rather it is uses multiple known holes in SP2 including Help ActiveX Control Related Topics… Show more

‘Although hundreds of millions of dollars have been spent on securing SP2, perfection is impossible. Through the joint effort of Michael Evanchik and Paul from Greyhats Security, a very critical vulnerability has been developed that can compromise a user’s system without the need for user interaction besides visiting the malicious page. The vulnerability is not actually a vulnerability in itself, but rather it is uses multiple known holes in SP2 including Help ActiveX Control Related Topics Zone Security Bypass Vulnerability and Help ActiveX Control Related Topics Cross Site Scripting Vulnerability.’ Show less

The reason Windows Vista did not turn out so well, that during 2005 Microsoft was riddled with viruses and worms and they took 33% of the Microsoft Vista team off the project to come up with a new security model for both operating systems. This service pack was like none other. It basically was a new operating system and cost more then our current missile defense system. I waited until it was completed and I gave it a little penetration testing and it worked well. But Microsoft always… Show more

The reason Windows Vista did not turn out so well, that during 2005 Microsoft was riddled with viruses and worms and they took 33% of the Microsoft Vista team off the project to come up with a new security model for both operating systems. This service pack was like none other. It basically was a new operating system and cost more then our current missile defense system. I waited until it was completed and I gave it a little penetration testing and it worked well. But Microsoft always disregards low level vulnerabilities and does not fix them because they dont do much. But if you combine a bunch of them picture putting a ladder together piece by piece to get into the back window of an office and I broke the security model. I know all of these details because I was invited to the Microsoft campus in Seattle and was nominated (which is the only way) by a Microsoft employee for the MVP. Which is short for Microsoft Valued Professional in Application and Browser security
Show less