Printed from http://www.electronista.com

Vista security gutted by new web exploit

updated 12:05 pm EDT, Fri August 8, 2008

Vista Security Gutted

Many of the security measures Microsoft has implemented and touted for Windows Vista have been compromised through a single exploit, a presentation made at this week's Black Hat hacking conference claims. IBM Information Security Systems' Mark Dowd and VMware's Alexander Sotirov have found a method that uses scripting systems such as Java and elements of the .NET framework in Windows-based web browsers to arbitrarily run code on Vista systems. Internet Explorer is particularly vulnerable due to its use of ActiveX.

The malicious code not only negates the effectiveness of Vista's Address Space Layout Randomization and Data Execution Prevention technologies, which respectively randomize the location of some code in memory and prevent executing code from outside a certain memory space, but specifically abuses their behavior to ensure an attack gets through.

Microsoft is also unlikely to have any way of patching against the approach, since it can be reused whenever another vulnerability is found in a web browser. Such programs are also often the one Internet-based program that is often unblocked by security software and would thus thwart simple defense mechanisms such as blocking network ports or program permissions.

The technique is also characterized as generic enough that it can run in other environments and on other platforms, although it's uncertain whether this would permit a variant to attack a non-Windows OS or simply other programs within Windows.

Microsoft knows of the exploit's existence but hasn't been given a private briefing; the company is currently waiting on a public elaboration on the full details of how the exploit works.

The discovery of the security potentially undermines much of Microsoft's marketing effort for Vista, which has regularly centered around security. The company has suffered previous blows to its reputation through Windows XP exploits such as the Blaster worm, whose rapid spread in 2003 prompted public concern and a new effort on the part of Microsoft to emphasize security over convenience.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. moofpup

    Fresh-Faced Recruit

    Joined: Dec 2007

    +3

    Security Experts

    Ok all those security experts need to chime in now since they love to make statements in the press that Vista is more secure then Mac OS X!

  1. DeezNutts

    Fresh-Faced Recruit

    Joined: Apr 2008

    +1

    If true


    If true this is a fundamental flaw that will likely span multiple operating systems and browsers.

    Will be interesting to see the details when its actually published.

    Comment buried. Show
  1. testudo

    Forum Regular

    Joined: Aug 2001

    -12

    hey

    Aren't these folks supposed to report the details to MS, and wait for them to issue a fix, before going public?

  1. wingdo

    Senior User

    Joined: Apr 2001

    +2

    Re: Hey

    Testudo:
    "Microsoft knows of the exploit's existence but hasn't been given a private briefing; the company is currently waiting on a public elaboration on the full details of how the exploit works."

    Comment buried. Show
  1. testudo

    Forum Regular

    Joined: Aug 2001

    -10

    Re: hey

    Right, they 'know' of the exploit. But the whole "waiting on public elaboration' implies to me that they weren't informed of the exact nature of the exploit.

    Man, too bad for MS that they couldn't NDA these guys like Apple did to that other presenter.

  1. henjin

    Fresh-Faced Recruit

    Joined: May 2007

    -7

    Don't laugh too soon

    Due to internet use there will always be exploits. Apple is lucky but I remember a hacker challenge and an OSX box was hacked in record time. Not all exploits are used. Apple was late to fix a recent DNS exploit.
    Also avoid going to p*** or free software sites. When will people learn that the Cloud is no different than any part of our so called real world. Some areas are simply not safe and the police if there are any will not arrive on time.
    Simple defense is to only use the web as if you were walking in gang territory. Meaning you do not.
    MS is a lot more open than Apple by the way on allowing such information.

  1. robttwo

    Fresh-Faced Recruit

    Joined: Nov 2005

    0

    hendumb

    what? Can you provide some kind of translation??

    Doofuses.

  1. Monde

    Fresh-Faced Recruit

    Joined: Jan 2004

    -2

    Vista's full of holes

    The OSX exploit is a straw dog if ever there was one. Produced on day two after lowering the security bar, a home brew exploit hacked a mac. Big woop.

    To date, I've never seen a single exploit for a mac in the wild. I feel justifiably secure in using this platform.

    Vista, on the other hand, is beginning to fray. It cannot help it due to the base code. Until Windows truly reworks their OS, is shouldn't be considered anywhere near safe or secure. 17,000 viruses pretty much peg what Vista is: a mess.

    I've heard their Mojave is pretty good. Ha ha ha.

  1. Neil Anderson

    Fresh-Faced Recruit

    Joined: Jul 2007

    +2

    Mojave

    Oh, man. Just when you thought it couldn't get any worse....

  1. climacs

    Forum Regular

    Joined: Sep 2001

    +3

    doug adams I miss you

    The discovery of the security potentially undermines much of Microsoft's marketing effort for Vista, which has regularly centered around security.

    The Microsoft marketing department: a bunch of mindless jerks who'll be the first against the wall when the revolution comes.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Patriot Supersonic Rage XT 128GB USB drive

USB thumb drives are getting larger by the day, their growth speeding along with the availability and expansion of memory chips. But h ...

Crucial MX100 256GB SATA-3 SSD

While the price-per-gigabyte ratio for magnetic platter-based hard drives can't be beat, the speed that a SSD brings to the table for ...

Narrative Clip

With the advent of social media technology, people have been searching for new ways to share the events of their daily lives -- be it ...

Sponsor

toggle

Most Commented

 
toggle

Popular News