 |  |  |  |  |  |  |  |
Oops!
 |
•
•
Join Date: Aug 2005
Posts: 15,358
Reputation: 
Solved Threads: 1463
Vista security rendered 'uselsess'
By Dennis Fisher
By Dennis Fisher
•
•
•
•
Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system, an advance that many in the security community say will have far-reaching implications not only for Microsoft, but also on how the entire technology industry thinks about attacks.
In a presentation at the Black Hat briefings, Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. will discuss the new methods they've found to get around Vista protections such as Address Space Layout Randomization(ASLR), Data Execution Prevention (DEP) and others by using Java, ActiveX controls and .NET objects to load arbitrary content into Web browsers.
By taking advantage of the way that browsers, specifically Internet Explorer, handle active scripting and .NET objects, the pair have been able to load essentially whatever content they want into a location of their choice on a user's machine.
Last edited by Ancient Dragon; Aug 9th, 2008 at 10:14 am.
Don't PM me with questions -- you might get a nasty PM in response. If you have a question then post it in one of the forums.
•
•
Join Date: Dec 2005
Posts: 5,850
Reputation:
Solved Threads: 749
Well that's what you get when you integrate a browser into the OS.
http://www.answers.com/topic/hoare-c-a-r
Perhaps it's time to consider making things much simpler, rather than bloating the crap out of everything in the guise of creating "value".
Or as Scotty in ST-III said "The more they over think the plumbing, the easier it is to stop up the drain."
Or in this case find, yet another hole which leaks
http://www.answers.com/topic/hoare-c-a-r
Perhaps it's time to consider making things much simpler, rather than bloating the crap out of everything in the guise of creating "value".
Or as Scotty in ST-III said "The more they over think the plumbing, the easier it is to stop up the drain."
Or in this case find, yet another hole which leaks
yess.. greatt!! one.. i too hae same thinking..
Last edited by ~s.o.s~; Aug 11th, 2008 at 1:19 pm. Reason: Fake signature.
•
•
Join Date: Oct 2006
Posts: 2,273
Reputation:
Solved Threads: 175
Time to put the death penalty on evil-minded hackers!
In my mind they are nothing but terrorists, out there to do the most damage they can.
In my mind they are nothing but terrorists, out there to do the most damage they can.
Last edited by sneekula; Aug 10th, 2008 at 11:36 am.
No one died when Clinton lied.
•
•
Join Date: Aug 2008
Posts: 265
Reputation:
Solved Threads: 3
Posting Whiz in Training
It could be a hype as they say their findings which could completely bring Windows Vista to its knees. The researchers were able to load whatever content they wanted into any location they wished on a user.
•
•
Join Date: Dec 2005
Posts: 3,242
Reputation:
Solved Threads: 25
-6
#8 Aug 11th, 2008
Its best to surf WITH SCRIPTS DISABLED (@ least in the INTERNET zone (If not the MY COMPUTER zone also)) Then they have a hard time executing anything from thier end.......
Last edited by The Dude; Aug 11th, 2008 at 5:19 pm.
•
•
Join Date: Jun 2008
Posts: 849
Reputation:
Solved Threads: 67
Practically a Posting Shark
No, you know what's going to happen, they are going to handle it just like they handle every other security issue. By turning it off. Then the rest of the development world will suffer.
Last edited by R0bb0b; Aug 11th, 2008 at 5:48 pm.
“Be who you are and say what you feel because those who mind don't matter and those who matter don't mind.” - Dr. Seuss
-- The documentation is inevitable, you may get away with it for a little while but eventually you too will have to do the deed.
-- The documentation is inevitable, you may get away with it for a little while but eventually you too will have to do the deed.
|
Similar Threads
- Dictionary ADT (Computer Science)
- oops Inheritence (C++)
- Flash Plugin For Mozilla (*nix Software)
- OOPS concepts in c++ ... (C++)
- Factorial? (C++)
- Does Samba send deleted files to a recycle bin? (*nix Software)
- enabling file sharing (Windows NT / 2000 / XP)
- PCModKingdom Source Code (IT Professionals' Lounge)
- HAPPY BIRTHDAY DANI! (Geeks' Lounge)
Other Threads in the Geeks' Lounge Forum
- Previous Thread: American Thoughts
- Next Thread: Sloppy code stops here
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Geeks' Lounge Posts
- Today's Posts
- Unanswered Threads
amazon apple article bankruptcy beard beijing children clocks code cognitive_disorder comedy complaint console consoles cracked.com daniweb design development disk dlc ebook empty facebook feed financialcrisis fun future game games gaming garbage google grandtheftauto gta gtaiv happiness hardware hunting internet java kids kindle knife language larnyx library life linux mad manly marketing merger microsoft murder neuropathology news nintendo obama odf olympics opinion os outlook pain parentalcontrol playstation population ps3 ps4 python research rss search software softwaredevelopment sony source space subversion survey tablet thelostanddamned time timeisonmyside. unused usarmy vapid videogames viruses wave wii windows windows>all windows_wins worldofwarcraft wow www xbox xbox360 zomg_conspiracy
