This week at the Black Hat Security Conference two security researchers will discuss their findings which could completely bring Windows Vista to its knees. According to Dino Dai Zovi, a popular security researcher, "the genius of this is that it's completely reusable. They have attacks that let them load chosen content to a chosen location with chosen permissions. That's completely game over."
To read all comments associated with this story, please click here.
Member since:2006-07-04
Member since:2007-12-13
How so. I understand exactly what they're talking about, and while it's not presented very well, it's basically correct. It basically just makes an end-run around ASLR and uses the kernel to overwrite blocks of memory (including the kernel itself) and execute whatever it is. The exploit is really one of the fundamental model of the kernel's operation rather than any particular application or system.
I suppose it could be FUD if you thought that the exploit wasn't an intentional design decision. I'm not sure it is.
Either way, I suppose it's not so important as Vista's probably not going to gain sufficient traction for it to matter. They either fix it in Win7, or it will be irrelevant post-Win7 (which I'm guessing is the end of the line for NT-based kernels, if not the "Windows" brand).
Member since:2007-02-07
Sorry to steal the thread, but would be nice if OSNews links the original story from Techtarget/SearchSecurity as it seems like Neowin stole the story without attribution.
Neowin also removed the comments on the story which gave them away, as if the Internet could be fooled that easily!
Original:
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gc...
Edit:
Link to PDF with more details:
http://taossa.com/archive/bh08sotirovdowd.pdf
( taken this from /. )
Edited 2008-08-08 14:47 UTC
Member since:2005-07-06
Member since:
2007-02-27
this news is pure .FUD.