Secure Coding mailing list archives
Dark Reading - Application and Perimeter Security - Hacking the Vista Kernel - Security News Analysis
From: ken at krvw.com (Kenneth Van Wyk)
Date: Tue, 25 Jul 2006 13:04:37 -0400
Here's an interesting article from Dark Reading regarding a software attack on the existing Vista beta: http://www.darkreading.com/document.asp? doc_id=99780&f_src=darkreading_section_296 I noticed, in particular, that the attack is against a design weakness of Vista -- "The attack doesn't use your typical buffer overflow or other bug, but basically exploits a Vista (and Windows) design problem -- that user-mode applications are allowed to access raw disk sectors, Rutkowska says." The attack, which is being described in detail at Blackhat, looks for "interesting" OS code to be paged out and then carefully modifies the contents of the page file in order to dupe Vista into loading the corrupt page data. Cheers, Ken Kenneth Van Wyk KRvW Associates, LLC http://www.KRvW.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://krvw.com/pipermail/sc-l/attachments/20060725/08cd73e8/attachment.html
Current thread:
- Dark Reading - Application and Perimeter Security - Hacking the Vista Kernel - Security News Analysis Kenneth Van Wyk (Jul 25)
- Dark Reading - Application and Perimeter Security - Hacking the Vista Kernel - Security News Analysis Pete Shanahan (Jul 25)
- Dark Reading - CERT Seeks Secure Coding Input Robert C. Seacord (Jul 25)
- Dark Reading - Application and Perimeter Security - Hacking the Vista Kernel - Security News Analysis Pete Shanahan (Jul 25)