Windows Vista security shredded by researchers

Register FREE to participate in our community of gamers and pc enthusiasts.
Forgot your Password?
Resend Activation Email

Neoseeker : News : Windows Vista security shredded by researchers

Latest News

Fri, Jul 03

EVE Online player robs his own clan for real world cash

Namco Bandai secures Dragon Ball games license

Online mode shown in new FIFA Manager 10 video

YouTube doubles video file size for upload

Fan-made Mega Man X RPG is best thing since MMX2

Gears of War 2: Double XP weekend, Title Update 4 released

Samsung N510 Ion netbook sighted

2K Games Huge Game pack now on Steam

Two Worlds: The Temptation becomes Two Worlds II

Inno3D i-Chill GeForce GTS 250

Thu, Jul 02

Capcom sends out new Tatsunoko vs. Capcom screens

Resident Evil: The Darkside Chronicles - Japan Expo trailer + screens

Alpha Protocol: Release date pegged, plus new dev diary

Director and writer featured in new Batman: Arkham Asylum video

Steam weekend deal: Fallout 3 for $24.99

Microsoft drops IE8 'OMGIGP' ad following complaints

iPhone has limited operating temperature threshold, Apple warns

Warner Bros. Midway acquisition secured

Xbox LIVE: Advertising incoming

Battlefield 1943 dated, Guadalcanal trailer released

Wed, Jul 01

Cooler Master Global Modding Contest

NZXT Sentry 2 fan controller

Mushkin to release new line of self-branded video cards

Wolfenstein PC system requirements announced

Analyst: Xbox 360 will fall to PlayStation 3 in 2015

send article

hardware newsletter

article comments (7)

Windows Vista security shredded by researchers

William Henning - Friday, August 8th, 2008 | 12:17PM (PT)

So much for enhanced security.

SearchSecurity reports that two security researchers have found a way that gets around all of the memory protection safe guards in Vista.

Speaking at Black Hat, Mark Dowd of IBM Internet Security Systems and Alexander Sotirov of VMware Inc will talk about new ways they found to bypass Vista's Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP) and other protections, by using Java, ActiveX and .NET objects to load arbitrary content into web browsers. Apparently Internet Explorer is particularly vulnerable to the new techniques which take advantage of how web browsers handle active scripting and .NET objects to allow loading any code they wish - and executing it. Apparently the root of the flaw is that Microsoft software assumes that any .NET objects loaded are safe, and they can load arbitrary DLL's.

Source: Windows Vista security 'rendered useless' by researchers

Section: OS & Software

back to news comments or corrections

Comments:

0 thumbs!
x_revenge | Aug 8, 08 | quote

so making secuity systems like that is what took'em 4 years to make vista?
0 thumbs!
mongy | Aug 9, 08 | quote

Microsoft, they make u puke, cant get xp right & still come out with vista, which is a load of crap.

- This news story is archived and is closed to new comments now -

RSS Feeds

Latest Comments

Most Comments

Latest Net Reviews:

·	Corsair Dominator GT PC3-16000 Triple Channel Kit
·	eVGA GeForce GTX 275
·	Asus EAH4770/HTDI/512MD5
·	Cooler Master Storm Scout
·	Antec Mini P180 & NSK6580B Review
·	Asus Maximus II GENE

Latest Inhouse:

(0.0689/d/nova)