Linked by Amjith Ramanujam on Fri 8th Aug 2008 13:14 UTC
Windows This week at the Black Hat Security Conference two security researchers will discuss their findings which could completely bring Windows Vista to its knees. According to Dino Dai Zovi, a popular security researcher, "the genius of this is that it's completely reusable. They have attacks that let them load chosen content to a chosen location with chosen permissions. That's completely game over."
Permalink for comment 326243
To read all comments associated with this story, please click here.
RE[2]: Bottom Line
by JamesTRexx on Fri 8th Aug 2008 17:58 UTC in reply to "RE: Bottom Line"
JamesTRexx
Member since:
2005-11-06

And security is also very tight because the user can only write to their home directory.


Unfortunately not quite true...
Windows has permissions on several directories including the root of the disk that allow anyone to create files and folders, these are done with the so-called owner account.
I have to remove these permissions on terminal servers because they still allow users to install programs that don't use the Windows installers.
Only after this is done can users forget about writing anywhere but their own profile directory.

Reply Parent Score: 4