Researchers penetrate last bastion of Windows security.

Page 1 of 2 12 LastLast

    Researchers penetrate last bastion of Windows security.


    Posted: 04 Feb 2010
    Security researchers have defeated vulnerability protections baked into the latest versions of Internet Explorer, demonstrating that it's possible to poke holes in a safety net that's widely relied on to keep end users safe from drive-by exploits.

    By exploiting weaknesses in Adobe Systems' Flash Player, researchers have devised two separate attacks that bypass mitigations Microsoft put into IE 7 and 8. Known as ASLR, or address space layout randomization, and DEP, or data execution prevention, the technologies are designed to lessen the severity of bugs by making it hard for them to cause the execution of malicious code.

    Both techniques wield the so-called just-in-time compiler in Flash so that a computer's memory is blanketed with large chunks of identical shellcode. The "JIT-spray" allows attackers to overcome ASLR, which normally thwarts execution by picking a different memory location to load system components each time an operating system is started.
    Source -
    Researchers penetrate last bastion of Windows security ? The Register
    Posted By: JMH
    04 Feb 2010



  1. Posts : 914
    Windows 8 Pro
       #1

    Thanks for the info..... It just goes to show nothing can stay secure forever. Both sides of the fence are able to keep people employed and very busy.
      My Computer


  2. Lee
    Posts : 1,796
    Win 7 Pro x64, VM Win XP, Win7 Pro Sandbox, Kubuntu 11
       #2

    This won't be the last. . .you can bet on that. :)
      My Computer


  3. Posts : 5,807
    Windows 7 Home Premium x64 - Mac OS X 10.6.4 x64
       #3

    anyone else not realizing that yet again an adobe product is the cause of a major security hole in Windows systems?

    First PDFs...now flash??
      My Computer


  4. Posts : 51,383
    Windows 11 Workstation x64
       #4

    Zidane24 said:
    anyone else not realizing that yet again an adobe product is the cause of a major security hole in Windows systems?

    First PDFs...now flash??
    After all the recent fuss with IE6 due to security issues, maybe it's time that flash was phased out too as not a week goes by without another flash vulnerability.
      My Computers


  5. Posts : 346
    Windows 7 Pro X64
       #5

    I think I hate flash more etch day...to many security issues
      My Computer


  6. Posts : 4,280
    Windows 7 ultimate 64 bit / XP Home sp3
       #6

    z3r010 said:
    Zidane24 said:
    anyone else not realizing that yet again an adobe product is the cause of a major security hole in Windows systems?

    First PDFs...now flash??
    After all the recent fuss with IE6 due to security issues, maybe it's time that flash was phased out too as not a week goes by without another flash vulnerability.
    I agree excellent idea. All for it. Fabe
      My Computer


  7. HJA
    Posts : 121
       #7

    maybe it's time that flash was phased out
    I have to use Flash when I use Adobe video editing. Locking off the internet and then disabling Flash when I'm done should be a safe route, shouldn't it?
      My Computer


  8. Posts : 3,141
    Vista Ult 64 bit Seven Ult RTM x64
       #8

    Thanks for the heads up Jan.
      My Computer


  9. Posts : 625
    Windows 7 Ultimate 64Bit
       #9

    i'm no Apple fanboy but this is why Jobs won't entertain flash.
      My Computer


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 10:34.
Find Us