Linked by Thom Holwerda on Mon 18th Jan 2010 22:00 UTC
Internet Explorer

Ah, the security vulnerability that was used in the Google attack. It's been around the internet about a million times now, and even governments have started advising people to move away from Internet Explorer. As is usually the case, however, the internet has really blown the vulnerability out of proportion. I'll get right to it: if your machine and/or network has been compromised via this vulnerability, then you most likely had it coming. No sympathy for you.
umccullough Member since:
2006-01-26

Even if you're running XP SP3, real DEP requires NX, which of course means that you need to be running on a PAE configuration.

For x86-32, at least. Nothing extra is necessary on x86-64. But there is still a sizable population of earlier x86 hardware out there that cannot be protected.


I had been told at one point that Win XP does always enable PAE mode in order to utilize the NX, but it doesn't use the higher memory extensions unless explicitly told to in the boot.ini - I could be wrong, but I heard it from someone I generally trust on these matters.

Edit: Wikipedia seems to back this notion up in the footnotes - http://en.wikipedia.org/wiki/Physical_Address_Extension

Your point about DEP not working on older x86 hardware is indeed valid of course, and I have plenty of said hardware still plugging along myself.

Edited 2010-01-18 22:57 UTC

Score: 3

kragil Member since:
2006-01-04

http://www.vupen.com/exploits/Microsoft_Internet_Explorer_Use_after...

They have an exploit for IE8 with DEP enabled.

This makes this whole article totally wrong and downright dangerous, because just because there is no publicly available code does not mean that bad guys can't figure it out. Took that company only a few days.

Score: 2

Thom_Holwerda Member since:
2005-06-29

Funny how when there's a proof of concept of a Linux or Mac vulnerability, it's all discarded as "it's not in the wild" and "show me a real infection" and so on...

...yet when it's Microsoft, proof of concepts and even regular concepts are accepted without so much as a blink of the eye.

Double standards. You has them.

On top of that, they bypassed DEP. What about protected mode? Did you buy (yes, you have to buy it) the concept to test it out? Or do you believe that security company's (BUY OUR PRODUCT) puppy eyes?

Edited 2010-01-19 16:30 UTC

Score: 1