JMH
Banned
- Local time
- 3:25 AM
- Messages
- 6,448
Source -Security researchers have defeated vulnerability protections baked into the latest versions of Internet Explorer, demonstrating that it's possible to poke holes in a safety net that's widely relied on to keep end users safe from drive-by exploits.
By exploiting weaknesses in Adobe Systems' Flash Player, researchers have devised two separate attacks that bypass mitigations Microsoft put into IE 7 and 8. Known as ASLR, or address space layout randomization, and DEP, or data execution prevention, the technologies are designed to lessen the severity of bugs by making it hard for them to cause the execution of malicious code.
Both techniques wield the so-called just-in-time compiler in Flash so that a computer's memory is blanketed with large chunks of identical shellcode. The "JIT-spray" allows attackers to overcome ASLR, which normally thwarts execution by picking a different memory location to load system components each time an operating system is started.
Researchers penetrate last bastion of Windows security ? The Register
My Computer
At a glance
Win 7 Ultimate 64-bit. SP1.Intel i7 -720QM.[1.6GHz Turbo Boost 2.8GHz. 6...8 DDR 3 RAM. 1066MHZATI 1024 MB. DDR3. Radeon HD5650
- Computer Manufacturer/Model Number
- LAPTOP. HP Pavilion dv7-4010TX .
- OS
- Win 7 Ultimate 64-bit. SP1.
- CPU
- Intel i7 -720QM.[1.6GHz Turbo Boost 2.8GHz. 6MB Cache.]
- Memory
- 8 DDR 3 RAM. 1066MHZ
- Graphics Card(s)
- ATI 1024 MB. DDR3. Radeon HD5650
- Monitor(s) Displays
- 17.3" High Definition Brightview LCD. LED Backlit.
- Screen Resolution
- 1600 x 900.
- Hard Drives
- 640GB
- Case
- Laptop / notebook.
- Mouse
- Logitech Anywhere mouse. MX.
- Internet Speed
- ADSL [ but too slow ]
