It's Official, Vista Is Pwned!
Welcome back!
Windows Vista has been 'pwned' big time. A couple of researchers attacked Vista by using the way that Internet Explorer handles active scripting and .NET objects which results in effectively bypassing the memory protection safeguards in Vista.
This means that using these exploits it is possible to do pretty much anything you want and the user can do nothing to stop it. As of this writing, neither can Microsoft do much about it.
The article quoted Dino Dai Zovi, a well-known security researcher and author who summed the situation up nicely:
"They have attacks that let them load chosen content to a chosen location with chosen permissions. That's completely game over. What this means is that almost any vulnerability in the browser is trivially exploitable."
How long before this attack is duplicated in the wild is yet to be known, but I'm pretty certain that it's going to be soon.
Technorati Tags: protected memory, security flaw, .net, windows vista, active scripting
Just copy this code and paste it on your site where you want the link to appear:
