It’s Official, Vista Is Pwned!
If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
Windows Vista has been ‘pwned’ big time. A couple of researchers attacked Vista by using the way that Internet Explorer handles active scripting and .NET objects which results in effectively bypassing the memory protection safeguards in Vista.
This means that using these exploits it is possible to do pretty much anything you want and the user can do nothing to stop it. As of this writing, neither can Microsoft do much about it.
The article quoted Dino Dai Zovi, a well-known security researcher and author who summed the situation up nicely:
“They have attacks that let them load chosen content to a chosen location with chosen permissions. That’s completely game over. What this means is that almost any vulnerability in the browser is trivially exploitable.”
How long before this attack is duplicated in the wild is yet to be known, but I’m pretty certain that it’s going to be soon.
Technorati Tags: windows vista, protected memory, active scripting, .net, security flaw
If you enjoyed this post, make sure you subscribe to my RSS feed!
