Linked by Amjith Ramanujam on Fri 8th Aug 2008 13:14 UTC
Thread beginning with comment 326215





Member since:
2007-12-13
How so? I understand exactly what they're talking about, and while it's not presented very well, it's basically correct. It basically just makes an end-run around ASLR and uses the kernel to overwrite blocks of memory (including the kernel itself) and execute whatever it is. The exploit is really one of the fundamental model of the kernel's operation rather than any particular application or system.
I suppose it could be FUD if you thought that the exploit wasn't an intentional design decision. I'm not sure it is.
Either way, I suppose it's not so important as Vista's probably not going to gain sufficient traction for it to matter. They either fix it in Win7, or it will be irrelevant post-Win7 (which I'm guessing is the end of the line for NT-based kernels, if not the "Windows" brand).