Ars Technica has analyzed recently publicized Vista's security flaws. "Unfortunate, yes, but not as was reported in the immediate aftermath of the presentation evidence that Vista's security is useless, nor does this work constitute a major security issue. And it's not game over, either. Sensationalism sells, and there's no news like bad news, but sometimes particularly when covering security issues, it would be nice to see accuracy and level-headedness instead. ... Furthermore, these attacks are specifically on the buffer overflow protections; they do not circumvent the IE Protected Mode sandbox, nor Vista's (in)famous UAC restrictions."
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:2005-11-13
I don't think he was saying that it wasn't a serious issue, just that this isn't the mother of all security flaws that the original article made it out to be. From what I gather, the exploit only works with certain applications (the article mentions IE7 and FF2, but mentions nothing regarding Opera and FF3, so I'm not even sure if those are affected), and even if you're using said application/plugin, there'd still have to be a buffer overflow vunderability built into the app before any damage could actually be done. So, let's look at the criteria:
1. You must be using an application/plugin that 'opts out' of random memory addressing
2. That application must have a vunderability to exploit
Sure, it's a serious issue, but it's a far cry from the 'all Vista users are screwed' tone of the original article, which was the author's entire point.
Edited 2008-08-11 18:17 UTC
Member since:2006-09-18
You trivialize it by saying "it's not really game over" and agree with the author on that point! no take backs.
A serious error and game over are not the same thing. I'm not aware of any public unpatched exploits that take advantage of this. There may never be one. There are critical exploitable, common, bugs patched monthly, and they don't get the coverage and hype of this. The act of installing flash/plugins has screwed people from a security standpoint well before this bug was public.
not this time.
Member since:2006-06-20
If IE7 and FF2 "opts out" of this (DEP, ASLR) AND that this is exploitable, then I think this is pretty serious. When you say "Ah, no problem, this exploit works only on certain apps" you can bet your ass that this will be major problem if those "certain apps" include IE7 and Firefox. These 2 "certain apps" are the most used apps over the internet (Heck, I'm even writing this on FF3). So, if IE7 and FF can be exploited in Vista, then I believe it's pretty much game over for Vista.
Member since:
2005-08-18
No I don't. "Not game over" is not the same as that it's not a serious matter. Game over would be an error that could not possible be corrected while a serious/major error can.
Yes he is. He is trivializing it with statements like "it's not a major issue" and "it worked on XP too".
Indeed you do.