MACS ROCK! discusses all things APPLE MAC
 
HomeHome  PortalPortal  FAQFAQ  SearchSearch  RegisterRegister  Log inLog in  
Search
 
 

Display results as :
 
Rechercher Advanced Search
Latest topics
» Ultimate Leopard for iPhone
Sun Oct 26, 2008 12:08 pm by Bear Hunter

» Cool sites
Wed Oct 15, 2008 2:52 pm by Admin

» Apple is looking beyond Multi-Touch
Sat Sep 06, 2008 12:52 pm by iMacoo7

» Supposed iPod nano 4G really unboxed
Sat Sep 06, 2008 11:14 am by iMacoo7

» PWnage 2.0 & later
Fri Sep 05, 2008 9:16 am by iMacoo7

» Apple Rejecting Apps Based on 'Limited Utility'
Thu Sep 04, 2008 10:05 am by iMacoo7

» Analyst: Apple mulling ow-cost ‘iPod phone’
Thu Sep 04, 2008 9:56 am by iMacoo7

» Apple applies for ‘Cocoa Touch’ trademark for iPhone
Thu Sep 04, 2008 9:54 am by iMacoo7

» RUMOR: iPod nano 4G, touch 2G dimensions revealed?
Wed Sep 03, 2008 8:28 pm by iMacoo7

Navigation
 Portal
 Index
 Memberlist
 Profile
 FAQ
 Search
Forum
Affiliates
free forum
 



Share | 
 

 Report: Microsoft’s Windows Vista ‘security’ rendered completely useless by new ‘unfixable’ exploit

View previous topic View next topic Go down 
AuthorMessage
iMacoo7
Co-Admin
Co-Admin
avatar

Posts : 72
Join date : 2008-08-05

PostSubject: Report: Microsoft’s Windows Vista ‘security’ rendered completely useless by new ‘unfixable’ exploit   Sat Aug 09, 2008 4:07 pm

"This week at the Black Hat Security Conference two security researchers will discuss their findings which could completely bring Windows Vista to its knees," Jason Kelley reports for Newwin.net.

"Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. have discovered a technique that can be used to bypass all memory protection safeguards that Microsoft built into Windows Vista. These new methods have been used to get around Vista's Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP) and other protections by loading malicious content through an active web browser. The researchers were able to load whatever content they wanted into any location they wished on a user's machine using a variety of scripting languages, such as Java, ActiveX and even .NET objects. This feat was achieved by taking advantage of the way that Internet Explorer (and other browsers) handle active scripting in the Operating System," Kelley reports.
Kelley continues, "While this may seem like any standard security hole, other researchers say that the work is a major breakthrough and there is very little that Microsoft can do to fix the problems. These attacks work differently than other security exploits, as they aren't based on any new Windows vulnerabilities, but instead take advantage of the way Microsoft chose to guard Vista's fundamental architecture. According to Dino Dai Zovi, a popular security researcher, 'the genius of this is that it's completely reusable. They have attacks that let them load chosen content to a chosen location with chosen permissions. That's completely game over.'"

Kelly reports, "'This stuff just takes a knife to a large part of the security mesh Microsoft built into Vista,' said Dai Zovi to SearchSecurity.com. 'If you think about the fact that .NET loads DLLs into the browser itself and then Microsoft assumes they're safe because they're .NET objects, you see that Microsoft didn't think about the idea that these could be used as stepping stones for other attacks. This is a real tour de force.'"
LINK

SHAZAMMMMMM~~~!! ANOTHER REASON YOU SHOULD "GET A MAC!!!!"
Back to top Go down
View user profile
 
Report: Microsoft’s Windows Vista ‘security’ rendered completely useless by new ‘unfixable’ exploit
View previous topic View next topic Back to top 
Page 1 of 1
 Similar topics
-
» Windows Internet Security -- Trojan -- please help
» Total Vista Security and Antivirus Plus are killing me!
» How to Remove Windows Defender Security Center Icon From System Tray
» Microsoft experimenting with tablet controller for next Xbox - Report
» Optimizations - Windows WinSXS Files Cleanup (EXTREME)

Permissions in this forum:You cannot reply to topics in this forum
MACS ROCK! :: COMEDIAN ANTICS ON WINDCHILL SYSTEMS :: Windchill System Jokes-
Jump to: