Bugtraq mailing list archives

Re: White paper: Exploiting the Win32 API.


From: Florian Weimer <Weimer () CERT Uni-Stuttgart DE>
Date: Tue, 06 Aug 2002 22:22:43 +0200

Chris Paget <ivegotta () tombom co uk> writes:

> 5)  This is not a bug.  This is a new class of vulnerabilities, like a
> buffer overflow attack or a format string attack.

No, it isn't.  Otherwise Windows NT wouldn't offer countermeasures,
would it?

AFAIK, Windows NT allows applications to switch to different "screens"
or "desktops", which run in different security contexts.  For example,
if you press Ctrl + Alt + Delete, you switch to such a different
screen.  The administrator password can be entered on this screen, and
applications started by the user cannot sniff it.  At least that's the
theory.  Maybe there are flaws in the implementation, but the design
as such is sound.

On the other hand, it doesn't seem to be possible to show dialogs on
the real user desktop in a safe manner, but that's hardly surprising.
Perhaps it's a bit hard to sell software which switches desktops in
the required way, but I'm sure the programmers knew what they were
doing.

(I'm sorry about the incorrect terminology, I'm not familiar with
Windows at all.)

-- 
Florian Weimer                    Weimer () CERT Uni-Stuttgart DE
University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT                          fax +49-711-685-5898

