Home > Computers / Software, Internet / New-Media, Science / Technology / Communications, Strategy > Vista's Security is made completely useless by a new vulnerability

Vista's Security is made completely useless by a new vulnerability

See the article from Neowin

This week at the just completed Black Hat Security Conference at Caesar’s Palace in  Las Vegas, two security researchers discussed their findings which could completely bring Windows Vista to its knees.

Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. have discovered a technique that can be used to bypass all memory protection safeguards that Microsoft built into Windows Vista. These new methods have been used to get around Vista’s Address Space Layout Randomisation (ASLR), Data Execution Prevention (DEP) and other protections by loading malicious content through an active web browser. The researchers were able to load whatever content they wanted into any location they wished on a user’s machine using a variety of scripting languages, such as Java, ActiveX and even .NET objects.

This feat was achieved by taking advantage of the way that Internet Explorer (and other browsers) handle active scripting in the Operating System.

I wonder does this problem affect other Windows Systems such as NT, 2000 and XP plus Server operating systems of course.   Its almost as if people are looking for ways to bring down Microsoft – they seem obsessed. Although to know the problem which in this case is considerable is warranted.

I would have thought that this would have been something that would have been checked – I don’t use Internet Explorer or any other Microsoft based application for access to the Internet.


  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: