Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov of VMware Inc. have discovered a technique that can be used to bypass all memory protection safeguards that Microsoft built into Windows Vista. These new methods have been used to get around Vista's Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP) and other protections by loading malicious content through an active web browser. The researchers were able to load whatever content they wanted into any location they wished on a user's machine using a variety of scripting languages, such as Java, ActiveX and even .NET objects. This feat was achieved by taking advantage of the way that Internet Explorer (and other browsers) handle active scripting in the Operating System.

Any bets as to how long it takes before this hits the Intertubes?
Friday, August 8, 2008
If I'm reading this little news item correctly, Microsoft's new operating system is actually an acronym for Very Insecure System Takes Anything -- as in another security hole of oh, say, Grand Canyon proportions has been discovered: