DaniWeb IT Discussion Community
1 2
Show 40 post(s) from this thread on one page

DaniWeb IT Discussion Community (http://www.daniweb.com/forums/index.php)
-   Geeks' Lounge (http://www.daniweb.com/forums/forum6.html)
-   -   Oops! (http://www.daniweb.com/forums/thread139400.html)

Ancient Dragon Aug 9th, 2008 10:13 am
Oops!
 
Vista security rendered 'uselsess'
By Dennis Fisher

Quote:
Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system, an advance that many in the security community say will have far-reaching implications not only for Microsoft, but also on how the entire technology industry thinks about attacks.

In a presentation at the Black Hat briefings, Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. will discuss the new methods they've found to get around Vista protections such as Address Space Layout Randomization(ASLR), Data Execution Prevention (DEP) and others by using Java, ActiveX controls and .NET objects to load arbitrary content into Web browsers.

By taking advantage of the way that browsers, specifically Internet Explorer, handle active scripting and .NET objects, the pair have been able to load essentially whatever content they want into a location of their choice on a user's machine.

Salem Aug 9th, 2008 11:59 am
Re: Oops!
 
Well that's what you get when you integrate a browser into the OS.

http://www.answers.com/topic/hoare-c-a-r
Perhaps it's time to consider making things much simpler, rather than bloating the crap out of everything in the guise of creating "value".

Or as Scotty in ST-III said "The more they over think the plumbing, the easier it is to stop up the drain."
Or in this case find, yet another hole which leaks :)

xxxviking Aug 10th, 2008 8:59 am
Re: Oops!
 
yess.. greatt!! one.. i too hae same thinking..

sneekula Aug 10th, 2008 11:07 am
Re: Oops!
 
Time to put the death penalty on evil-minded hackers!

In my mind they are nothing but terrorists, out there to do the most damage they can.

scru Aug 10th, 2008 11:45 am
Re: Oops!
 
I hope you are kidding

mitrmkar Aug 10th, 2008 3:01 pm
Re: Oops!
 
hmm, smells like hype, but let's see.

mackone Aug 11th, 2008 10:54 am
Re: Oops!
 
It could be a hype as they say their findings which could completely bring Windows Vista to its knees. The researchers were able to load whatever content they wanted into any location they wished on a user.

The Dude Aug 11th, 2008 5:19 pm
Its best to surf WITH SCRIPTS DISABLED (@ least in the INTERNET zone (If not the MY COMPUTER zone also)) Then they have a hard time executing anything from thier end.......

R0bb0b Aug 11th, 2008 5:47 pm
Re: Oops!
 
No, you know what's going to happen, they are going to handle it just like they handle every other security issue. By turning it off. Then the rest of the development world will suffer.

The Dude Aug 12th, 2008 10:34 am
Re: Oops!
 
Maybe you can re-enable it in your copy :)


All times are GMT -4. The time now is 5:34 am.
1 2
Show 40 post(s) from this thread on one page

Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC