Thanks: 0
Likes: 0
Needs Pictures: 0
Picture(s) thanks: 0
Results 1 to 7 of 7
Thread: ‘unfixable’ Vista exploit
-
9th August 2008, 09:59 AM #1Intermediate Member
- Join Date
- May 2005
- Location
- melbourne
- Posts
- 32
‘unfixable’ Vista exploit
I read this this morning and thought others should know. Sounds very serious...
Vista ‘security’ rendered completely useless by new ‘unfixable’ exploit
Full article here: http://www.neowin.net/news/main/08/0...by-new-exploit
This week at the Black Hat Security Conference two security researchers will discuss their findings which could completely bring Windows Vista to its knees," Jason Kelley reports for Newwin.net.
"Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. have discovered a technique that can be used to bypass all memory protection safeguards that Microsoft built into Windows Vista. These new methods have been used to get around Vista's Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP) and other protections by loading malicious content through an active web browser. The researchers were able to load whatever content they wanted into any location they wished on a user's machine using a variety of scripting languages, such as Java, ActiveX and even .NET objects. This feat was achieved by taking advantage of the way that Internet Explorer (and other browsers) handle active scripting in the Operating System," Kelley reports.
"While this may seem like any standard security hole, other researchers say that the work is a major breakthrough and there is very little that Microsoft can do to fix the problems. These attacks work differently than other security exploits, as they aren't based on any new Windows vulnerabilities, but instead take advantage of the way Microsoft chose to guard Vista's fundamental architecture. According to Dino Dai Zovi, a popular security researcher, 'the genius of this is that it's completely reusable. They have attacks that let them load chosen content to a chosen location with chosen permissions. That's completely game over.'"
Kelly reports, "'This stuff just takes a knife to a large part of the security mesh Microsoft built into Vista,' said Dai Zovi to SearchSecurity.com. 'If you think about the fact that .NET loads DLLs into the browser itself and then Microsoft assumes they're safe because they're .NET objects, you see that Microsoft didn't think about the idea that these could be used as stepping stones for other attacks. This is a real tour de force.'"
-
9th August 2008 09:59 AM # ADSGoogle Adsense Advertisement
- Join Date
- Always
- Location
- Advertising world
- Posts
- Many
-
9th August 2008, 10:48 AM #2Cro-Magnon
- Join Date
- Sep 2007
- Location
- Central Victoria, Australia
- Age
- 64
- Posts
- 764
Did you read the comments which followed the article? The exploit is claimed, but not yet demonstrated or tested.
I'm not saying it CAN'T be true, but the three variables which make me doubt it are the lack of detail around UAC (user account control), browser isolation, and chip-level memory management.
I'll post Microsoft responses as soon as they are available.... as long as the government is perceived as working for the benefit of children, the people will happily endure almost any curtailment of liberty and almost any deprivation. (A.Hitler)
-
9th August 2008, 03:51 PM #3
Yep
i was never that happy with the Address space layout randomisation (ASLR) or the data extraction prevention (DEP). Much prefer the Case replication Address Protocols (CRAP) and Performance Orientation Octagonisation (POO).
-
9th August 2008, 10:18 PM #4
There were much more interesting talks at that conference, like:
How To Impress Girls With Browser Memory Protection Bypasses
And on Vista related matters, how about that even though XP is no longer sold...
XP is still killing Vista in sales volume: HP
-
11th August 2008, 09:59 AM #5Intermediate Member
- Join Date
- May 2005
- Location
- melbourne
- Posts
- 32
reputations on the line
I hear what you are saying Ron, but when Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. put their professional reputation on the line with such an announcement, at this stage, I am more incline to believe them.
Not only is their own professional reputation on the line but so is IBM’s and VMware’s corporate reputation on the line. IBM is too big and important to take such risks. VMware, while not so big, it’s the same for them. Corporate Identity is too massively important for a business to risk with unsubstantiated innuendo and rumour.
In the mean time I will assume the integrity of the comments until otherwise stated.
-
11th August 2008, 10:16 AM #6Cro-Magnon
- Join Date
- Sep 2007
- Location
- Central Victoria, Australia
- Age
- 64
- Posts
- 764
There are two ways you could handle reading an article like this.
First, you could run around doing a Chicken Little impersonation, so popular with the Anything But Microsoft crowd, shouting "The sky is falling! Vista is destroyed!".
Second, you could wait until the paper has actually been presented and informed commentary is available.
Your first choice is nothing but rumour and speculation. Somewhat typical of the ABMs.
Do you ever do any woodworking, or are you just here on some crazy computer jihad?... as long as the government is perceived as working for the benefit of children, the people will happily endure almost any curtailment of liberty and almost any deprivation. (A.Hitler)
-
12th August 2008, 07:40 PM #7Cro-Magnon
- Join Date
- Sep 2007
- Location
- Central Victoria, Australia
- Age
- 64
- Posts
- 764
Here is an objective analysis of the paper:
http://arstechnica.com/news.ars/post...ty-bypass.html
My Chicken Little comment wasn't the only one.
I'm still waiting on a detailed response from the Microsoft team, but I think it is fair to say that there is nothing alarming here.... as long as the government is perceived as working for the benefit of children, the people will happily endure almost any curtailment of liberty and almost any deprivation. (A.Hitler)
Similar Threads
-
Vista Business
By John Saxton in forum COMPUTERSReplies: 9Last Post: 28th October 2007, 08:32 AM -
vista
By jow104 in forum NOTHING AT ALL TO DO WITH WOODWORKReplies: 9Last Post: 18th June 2007, 12:31 PM -
Help!!!! Vista v's Win 98 Networking problem
By thetassiebfg in forum COMPUTERSReplies: 11Last Post: 30th April 2007, 11:59 PM -
Windows Vista
By Doughboy in forum ANNOUNCEMENTSReplies: 43Last Post: 22nd February 2007, 11:05 PM -
Sierra Vista
By clubbyr8 in forum WOODTURNING - PEN TURNINGReplies: 1Last Post: 20th October 2006, 09:00 PM