 |  |  |  |  |  |  |  |
Oops!
 |
•
•
Join Date: Aug 2005
Posts: 15,151
Reputation: 
Solved Threads: 1435
Vista security rendered 'uselsess'
By Dennis Fisher
By Dennis Fisher
•
•
•
•
Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system, an advance that many in the security community say will have far-reaching implications not only for Microsoft, but also on how the entire technology industry thinks about attacks.
In a presentation at the Black Hat briefings, Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. will discuss the new methods they've found to get around Vista protections such as Address Space Layout Randomization(ASLR), Data Execution Prevention (DEP) and others by using Java, ActiveX controls and .NET objects to load arbitrary content into Web browsers.
By taking advantage of the way that browsers, specifically Internet Explorer, handle active scripting and .NET objects, the pair have been able to load essentially whatever content they want into a location of their choice on a user's machine.
Last edited by Ancient Dragon; Aug 9th, 2008 at 10:14 am.
Don't PM me with questions -- you might get a nasty PM in response. If you have a question then post it in one of the forums.
•
•
Join Date: Dec 2005
Posts: 5,851
Reputation:
Solved Threads: 749
Well that's what you get when you integrate a browser into the OS.
http://www.answers.com/topic/hoare-c-a-r
Perhaps it's time to consider making things much simpler, rather than bloating the crap out of everything in the guise of creating "value".
Or as Scotty in ST-III said "The more they over think the plumbing, the easier it is to stop up the drain."
Or in this case find, yet another hole which leaks
http://www.answers.com/topic/hoare-c-a-r
Perhaps it's time to consider making things much simpler, rather than bloating the crap out of everything in the guise of creating "value".
Or as Scotty in ST-III said "The more they over think the plumbing, the easier it is to stop up the drain."
Or in this case find, yet another hole which leaks
yess.. greatt!! one.. i too hae same thinking..
Last edited by ~s.o.s~; Aug 11th, 2008 at 1:19 pm. Reason: Fake signature.
•
•
Join Date: Oct 2006
Posts: 2,275
Reputation:
Solved Threads: 174
Time to put the death penalty on evil-minded hackers!
In my mind they are nothing but terrorists, out there to do the most damage they can.
In my mind they are nothing but terrorists, out there to do the most damage they can.
Last edited by sneekula; Aug 10th, 2008 at 11:36 am.
No one died when Clinton lied.
•
•
Join Date: Aug 2008
Posts: 249
Reputation:
Solved Threads: 3
Posting Whiz in Training
It could be a hype as they say their findings which could completely bring Windows Vista to its knees. The researchers were able to load whatever content they wanted into any location they wished on a user.
•
•
Join Date: Dec 2005
Posts: 3,224
Reputation:
Solved Threads: 25
0
#8 Aug 11th, 2008
Its best to surf WITH SCRIPTS DISABLED (@ least in the INTERNET zone (If not the MY COMPUTER zone also)) Then they have a hard time executing anything from thier end.......
Last edited by The Dude; Aug 11th, 2008 at 5:19 pm.
•
•
Join Date: Jun 2008
Posts: 850
Reputation:
Solved Threads: 67
Practically a Posting Shark
No, you know what's going to happen, they are going to handle it just like they handle every other security issue. By turning it off. Then the rest of the development world will suffer.
Last edited by R0bb0b; Aug 11th, 2008 at 5:48 pm.
“Be who you are and say what you feel because those who mind don't matter and those who matter don't mind.” - Dr. Seuss
-- The documentation is inevitable, you may get away with it for a little while but eventually you too will have to do the deed.
-- The documentation is inevitable, you may get away with it for a little while but eventually you too will have to do the deed.
|
Similar Threads
- Dictionary ADT (Computer Science)
- oops Inheritence (C++)
- Flash Plugin For Mozilla (*nix Software)
- OOPS concepts in c++ ... (C++)
- Factorial? (C++)
- Does Samba send deleted files to a recycle bin? (*nix Software)
- enabling file sharing (Windows NT / 2000 / XP)
- PCModKingdom Source Code (IT Professionals' Lounge)
- HAPPY BIRTHDAY DANI! (Geeks' Lounge)
Other Threads in the Geeks' Lounge Forum
- Previous Thread: American Thoughts
- Next Thread: Sloppy code stops here
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Geeks' Lounge Posts
- Today's Posts
- Unanswered Threads
advice amazon apple article beijing bot chat children code comedy complaint consoles convert cracked.com daniweb development disk dlc ebook election empty facebook feed financialcrisis fun future game games gaming garbage google grandtheftauto gta halo3 happiness hardware information internet java kids kindle larnyx library life linux love lynx mad madden marketing merger microsoft murder netbook news nintendo obama odf olympics opinion outlook pain parentalcontrol parenting planning playstation population ps3 ps4 python research school search sims software softwaredevelopment sony source space stocks study survey tablet thelostanddamned timeisonmyside. unused usarmy vapid videogames viruses walmart wii windows windows>all windows_wins worldofwarcraft wow www xbox xbox360