August 10th, 2008, 12:01 PM
|
#1 (permalink)
|
| Sea-Ninja wannabe
Join Date: Apr 2002 Location: Albany, Ga.
Posts: 8,240
|  WARNING - Vista can be easily hacked
Most, if not all of the security features, can be bypassed with a browser exploit. Quote:
By taking advantage of the way that browsers, specifically Internet Explorer, handle active scripting and .NET objects, the pair have been able to load essentially whatever content they want into a location of their choice on a user's machine.
Researchers who have read the paper that Dowd and Sotirov wrote on the techniques say their work is a major breakthrough and there is little that Microsoft can do to address the problems. The attacks themselves are not based on any new vulnerabilities in IE or Vista, but instead take advantage of Vista's fundamental architecture and the ways in which Microsoft chose to protect it.
"The genius of this is that it's completely reusable," said Dino Dai Zovi, a well-known security researcher and author. "They have attacks that let them load chosen content to a chosen location with chosen permissions. That's completely game over.
"What this means is that almost any vulnerability in the browser is trivially exploitable," Dai Zovi added. "A lot of exploit defenses are rendered useless by browsers. ASLR and hardware DEP are completely useless against these attacks."
| M$'s response is: Quote: |
Microsoft officials have not responded to Dowd's and Sotirov's findings, but Mike Reavey, group manager of the Microsoft Security Response Center, said Wednesday that the company is aware of the research and is interested to see it once it becomes public.
|
__________________
They say technology slows down for no one. I know it outruns my wallet. I figure its because my wallet isn't light enough yet.
|
|  |
hardware
prices 
Free Scan: Update Your PC's Outdated Drivers to Optimize Performance 
