Linked by Thom Holwerda on Wed 20th Jan 2010 22:45 UTC, submitted by kragil
Windows I guess it's Windows-flaw-week or something. First, we had the Internet Explorer vulnerability used in the Google attack, and now we have a bug that's been sitting undetected in Windows NT for 17 years. The bug can be used to escalate privileges, but from what I understand, it only works locally (although that isn't made clear).
f0dder
Member since:
2009-08-05

With that being said, as far as I know, VDM along with win16 support has been ripped out of Windows x64 editions so the vulnerability seems to only affect 32bit versions of Windows rather than Windows across the board.
Yup, 16bit support has been ripped from Windows x64 editions, since x64 Long Mode doesn't support V86 tasks - Microsoft would've needed to include an x86 emulator in order to run 16bit DOS apps (16bit Windows apps do run in protected mode rather than DOS/realmode, but I dunno whether Long Mode supports 16bit PM code segments; wouldn't be surprised if it doesn't).

Microsoft actually did include an x86 emulator with x64 Windows editions, albeit a very limited one. A very few things need to call 16bit BIOS code, so MS whipped up an emulator. It's not usable for generic 16bit execution, though (undocumented, very limited CPU support, stringent checks on what memory can be accessed).

Score: 3