[Windows SIG] Windows security total breach.
Loyd W. Dreher
POBox-LWD-Austin at pobox.com
Mon Aug 11 17:15:15 CDT 2008
I just received this from a network Guru acquaintance of mine.
It was authenticated by his net signature.
To all Windows users.
Loyd W. Dreher
Friday, August 8th
Vista security gutted by new web exploit
<http://www.electronista.com/articles/08/08/08/vista.security.gutted/>
Many of the security
measures Microsoft has implemented and touted for Windows Vista have
been compromised through a single exploit, a presentation made at
this week's Black Hat hacking conference claims
<http://macnn.com/rd/107826==http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1324395,00.html>.
IBM Information Security Systems' Mark Dowd and VMware's Alexander
Sotirov have found a method that uses scripting systems such as Java
and elements of the .NET framework in Windows-based web browsers to
arbitrarily run code on Vista
systems. Internet Explorer is particularly vulnerable due to its use
of ActiveX.
The malicious code not only negates the effectiveness of Vista's
Address Space Layout Randomization and Data Execution Prevention
technologies, which respectively randomize the location of some code
in memory and prevent executing code from outside a certain memory
space, but specifically abuses their behavior to ensure an attack gets through.
Microsoft is also unlikely to have any way of patching against the
approach, since it can be reused whenever another vulnerability is
found in a web browser. Such programs are also often the one
Internet-based program that is often unblocked by security
software and would thus thwart simple defense mechanisms such as
blocking network ports or program permissions.
The technique is also characterized as generic enough that it can run
in other environments and on other platforms, although it's uncertain
whether this would permit a variant to attack a non-Windows OS or
simply other programs within Windows.
Microsoft knows of the exploit's existence but hasn't been given a
private briefing; the company is currently waiting on a public
elaboration on the full details of how the exploit works.
The discovery of the security potentially undermines much of
Microsoft's marketing effort for Vista, which has regularly centered
around security. The company has suffered previous blows to its
reputation through Windows XP exploits such as the Blaster worm,
whose rapid spread in 2003 prompted public concern and a new effort
on the part of Microsoft to emphasize security over convenience.