Tavis Ormandy Explained

Tavis Ormandy is an English computer security white hat hacker. He is currently employed by Google and was formerly part of Google's Project Zero team.[1]

Notable discoveries

Ormandy is credited with discovering severe vulnerabilities in LibTIFF,[2] Sophos' antivirus software[3] and Microsoft Windows.[4] With Natalie Silvanovich he discovered a severe vulnerability in FireEye products in 2015.[5]

His findings with Sophos' products led him to write a 30-page paper entitled "Sophail: Applied attacks against Sophos Antivirus" in 2012, which concludes that the company was "working with good intentions" but is "ill-equipped to handle the output of one co-operative security researcher working in his spare time" and that its products shouldn't be used on high-value systems.[6]

He also created an exploit in 2014 to demonstrate how a vulnerability in glibc known since 2005 could be used to gain root access on an affected machine running a 32-bit version of Fedora.[7]

In 2016, he demonstrated multiple vulnerabilities in Trend Micro Antivirus on Windows related to the Password Manager,[8] and vulnerabilities in Symantec security products.

In February 2017, he found and reported a critical bug in Cloudflare's infrastructure leaking user-sensitive data along with requests affecting millions of websites around the world which has been referred to as Cloudbleed (in reference to the Heartbleed bug that Google co-discovered).[9]

On or around May 15, 2023, he found and reported a vulnerability called Zenbleed (CVE-2023-20593) affecting all Zen 2 class processors.

External links

Notes and References

  1. Web site: Meet 'Project Zero,' Google's Secret Team of Bug-Hunting Hackers. Greenberg. Andy. 15 July 2014. Wired.com. 4 January 2015.
  2. Web site: Hey, devs! Those software libraries aren't always safe to use. Constantin. Lucian. 30 December 2014. Computerworld. 5 January 2015.
  3. Web site: Google Researcher Exposes Flaws In Sophos Software, Slams Antivirus Industry. Greenberg. Andy. 4 August 2011. Forbes. 15 August 2016.
  4. Web site: Google engineer bashes Microsoft's handling of security researchers, discloses Windows zero-day. Keizer. Gregg. 23 May 2013. Computerworld. 5 January 2015.
  5. Web site: Ormandy. Tavis. Project Zero: FireEye Exploitation: Project Zero's Vulnerability of the Beast. Project Zero. 11 May 2017. 15 December 2015.
  6. Web site: Google security researcher: Keep Sophos away from high value systems. Tung. Liam. 6 November 2012. CSO Online. 5 January 2015.
  7. Web site: Evans. Chris. Project Zero: The poisoned NUL byte, 2014 edition. Project Zero. 11 May 2017. 25 August 2014.
  8. Web site: Google security researcher excoriates TrendMicro for critical AV defects. Goodin. Dan. 11 January 2016. Ars Technica. 4 February 2016.
  9. Web site: Incident report on memory leak caused by Cloudflare parser bug. 23 February 2017.

This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article "Tavis Ormandy".

Except where otherwise indicated, Everything.Explained.Today is © Copyright 2009-2024, A B Cryer, All Rights Reserved. Cookie policy.