Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[roseway]

I really don't know what to make of this, but it looks interesting. I see that one of the two researchers is from IBM, who are of course not exactly best friends with Microsoft, so perhaps the threat is being overstated.

http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1324395,00.html

[kitz]

Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system, an advance that many in the security community say will have far-reaching implications not only for Microsoft, but also on how the entire technology industry thinks about attacks.

/snip/

By taking advantage of the way that browsers, specifically Internet Explorer, handle active scripting and .NET objects, the pair have been able to load essentially whatever content they want into a location of their choice on a user's machine.

Thats pretty scary stuff

you see that Microsoft didn't think about the idea that these could be used as stepping stones for other attacks.

I'm not sure whether to say "typical"... or "surely it only takes time before someone finds some sort of  exploit".
Over to you M$ to find a patch.

[dave.m]

The forum posting was dated 7th Aug. Don't think M$ will have any thing sorted by Update-Tuesday 12th.
Vista users will have to keep checking manual updates on a regular basis for the time being.
dave

[tickmike]

Yet another good case to use Linux.      

[roseway]

I wasn't going to mention that