Neoseeker : News : Windows Vista security shredded by researchers
RSS Feeds   Article comments (7)
Return to News Index

Windows Vista security shredded by researchers
William Henning - Friday, August 8th, 2008 | 11:17AM (PT) 0 Like


So much for enhanced security.

SearchSecurity reports that two security researchers have found a way that gets around all of the memory protection safe guards in Vista.

Speaking at Black Hat, Mark Dowd of IBM Internet Security Systems and Alexander Sotirov of VMware Inc will talk about new ways they found to bypass Vista's Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP) and other protections, by using Java, ActiveX and .NET objects to load arbitrary content into web browsers. Apparently Internet Explorer is particularly vulnerable to the new techniques which take advantage of how web browsers handle active scripting and .NET objects to allow loading any code they wish - and executing it. Apparently the root of the flaw is that Microsoft software assumes that any .NET objects loaded are safe, and they can load arbitrary DLL's.


Windows Vista security shredded by researchers Image 1
  • 0 thumbs!
    x_revenge since Nov 2007 | Aug 8, 08
    so making secuity systems like that is what took'em 4 years to make vista?
  • 0 thumbs!
    mongy since Nov 2003 | Aug 9, 08
    Microsoft, they make u puke, cant get xp right & still come out with vista, which is a load of crap.
  • 0 thumbs!
    arkangyl since Aug 2008 | Aug 10, 08
    What else is new? A security loophole in a crappy OS? When will Microsoft stop trying to copy Mac OS's coolness, and actually produce a quality, reliable product?
  • 0 thumbs!
    killerkid22 since Jun 2007 | Aug 10, 08
    wow....so im guessing you guys are one of the people who never liked vista? oh calm down...knowing microsoft, they probably feel really stupid are working on a major patch for it right now...here comes service pack 2 already
  • 0 thumbs!
    Darkness Flame since Sep 2004 | Aug 10, 08
    Besides, it's still more secure than OS X. Still, I would have figured Microsoft's own .NET framework would have been ... protected.
  • 0 thumbs!
    arkangyl since Aug 2008 | Aug 11, 08
    More secure than OSX? Have you _tried_ to hack into a Mac? Oh, and a Mac running XP doesn't count.
  • 0 thumbs!
    | Aug 14, 08
    I have vista home premium and I am thinking of getting,Windows Live OneCare why do they sell us, OS and then we have to purchase internet protection why is it not built in to the system???????????????? other than money! Would this be a wise thing to purchase, advice please
- This news story is archived and is closed to new comments now -

Hardware Newsletter:
Email:



Compare Prices

Motherboards
Abit
ASUS
Gigabyte
MSI
eVGA
Intel
Tyan
More...

Processors
AMD
Intel
More...

Memory
DDR
DDR2
DDR3
More...

Video Cards
ATI
eVGA
XFX
BFG
Sapphire
More...

search for lowest prices
(0.1035/d/nova)