Locale vector

morganism · Post by **morganism** » Thu Dec 05, 2013 2:30 am

looks like the big Red October attack required a change to the crylic alphabet to execute.

Windows since XP don't allow users to change language fonts, they hav to create a "locale".
This could easily be a backdoor injection route. If a person got a "you need to install a language pack" message.

Prob want to make sure that a site isn't going to try to change display font.

Red October
https://www.securelist.com/en/analysis/ ... estigation

and locale and font vector

http://www.microsoft.com/typography/unicode/cscp.htm

http://msdn.microsoft.com/en-us/magazine/cc440752.aspx

http://docs.oracle.com/javase/7/docs/ap ... ilder.html