Star Vista's Security Rendered Completely Useless By New Exploit
Linked by Amjith Ramanujam on Fri 8th Aug 2008 13:14 UTC
Windows This week at the Black Hat Security Conference two security researchers will discuss their findings which could completely bring Windows Vista to its knees. According to Dino Dai Zovi, a popular security researcher, "the genius of this is that it's completely reusable. They have attacks that let them load chosen content to a chosen location with chosen permissions. That's completely game over."
E-mail Print r 12   79 Comment(s) http://osne.ws/fk7
Permalink for comment 326235
To read all comments associated with this story, please click here.
RE[3]: Bottom Line
by Wrawrat on Fri 8th Aug 2008 16:28 UTC in reply to "RE[2]: Bottom Line"
Wrawrat
Member since:
2005-06-30

For those who believe Windows to be a multi-user system at the core, log into you Windows box twice as the same user - i.e., run two simultaneous sessions as the same user. Are you there yet? Even different users being logged in at the same time is done with "fast-user switching".


It's an intentional limitation in the customer versions of Windows. Windows Server can easily host multiple sessions with Terminal Services.

The multi-user architecture is definitely there. It's quite misused though.

The current web-connected computer was not envisioned when it was created. Meanwhile, Unix was serving 1000's of simultaneous user sessions on a single box.


I am looking for the day when that single box hosts so many connections with fully-featured GUIs. Joe Sixpack doesn't want to work with consoles.

Reply Parent Bookmark Score: 5