Neoseeker : News : Windows Vista security shredded by researchers
Hardware Newsletter:
Email:

Latest News
Wed, Aug 20
Tue, Aug 19
Mon, Aug 18
Sun, Aug 17
Sat, Aug 16
Fri, Aug 15
send article hardware newsletter   article comments (7)

Windows Vista security shredded by researchers
William Henning - Friday, August 8th, 2008 | 12:17PM (PST)


So much for enhanced security.

SearchSecurity reports that two security researchers have found a way that gets around all of the memory protection safe guards in Vista.

Speaking at Black Hat, Mark Dowd of IBM Internet Security Systems and Alexander Sotirov of VMware Inc will talk about new ways they found to bypass Vista's Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP) and other protections, by using Java, ActiveX and .NET objects to load arbitrary content into web browsers. Apparently Internet Explorer is particularly vulnerable to the new techniques which take advantage of how web browsers handle active scripting and .NET objects to allow loading any code they wish - and executing it. Apparently the root of the flaw is that Microsoft software assumes that any .NET objects loaded are safe, and they can load arbitrary DLL's.


Windows Vista security shredded by researchers Image 1

Source: Windows Vista security 'rendered useless' by researchers

Section: OS & Software

back to news    comments or corrections

Comments:

August 8th, 2008 11:36PM(PST)
x_revenge
so making secuity systems like that is what took'em 4 years to make vista?
August 9th, 2008 10:59PM(PST)
mongy
Microsoft, they make u puke, cant get xp right & still come out with vista, which is a load of crap.
August 10th, 2008 4:41AM(PST)
arkangyl
What else is new? A security loophole in a crappy OS? When will Microsoft stop trying to copy Mac OS's coolness, and actually produce a quality, reliable product?
August 10th, 2008 9:45AM(PST)
killerkid22
wow....so im guessing you guys are one of the people who never liked vista? oh calm down...knowing microsoft, they probably feel really stupid are working on a major patch for it right now...here comes service pack 2 already
August 10th, 2008 7:51PM(PST)
Darkness Flame
Besides, it's still more secure than OS X. Still, I would have figured Microsoft's own .NET framework would have been ... protected.
August 11th, 2008 4:42AM(PST)
arkangyl
More secure than OSX? Have you _tried_ to hack into a Mac? Oh, and a Mac running XP doesn't count.
August 14th, 2008 5:13AM(PST)
sniperjoe
I have vista home premium and I am thinking of getting,Windows Live OneCare why do they sell us, OS and then we have to purchase internet protection why is it not built in to the system???????????????? other than money! Would this be a wise thing to purchase, advice please

Submit your comment:
Name *:  Members, please LOGIN before posting
Email:
Comment*:
Live user verification:
* Enter the letters you see in the image (without spaces)

* indicates required fields

   RSS Feeds

Latest Comments
Most Comments
Latest Net Reviews:
·PowerColor Radeon HD 4850 PCS+
·PowerColor Radeon HD 4850 PCS+
·Diamond Radeon HD 4870
·GeCube Radeon HD 4870 (German)
·ATP EarthDrive
·Lian Li PC-V1100

Latest Inhouse:


Compare Prices

Motherboards
 Abit
 ASUS
 Gigabyte
 Intel
 iWill
 Shuttle
 Soyo
 Super Micro
 Tyan
 More...

Processors
 AMD
 Intel
 More...

Memory
 SDRAM
 RDRAM
 DDRAM
 More...

Video Cards
 ATI
 Visiontek
 PNY
 3Dfx
 More...

search for lowest prices

(0.0207/mc/aeon)