“This week at the Black Hat Security Conference two security researchers will discuss their findings which could completely bring Windows Vista to its knees,” Jason Kelley reports for Neowin.net.
“Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. have discovered a technique that can be used to bypass all memory protection safeguards that Microsoft built into Windows Vista. These new methods have been used to get around Vista’s Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP) and other protections by loading malicious content through an active web browser. The researchers were able to load whatever content they wanted into any location they wished on a user’s machine using a variety of scripting languages, such as Java, ActiveX and even .NET objects. This feat was achieved by taking advantage of the way that Internet Explorer (and other browsers) handle active scripting in the Operating System,” Kelley reports.
MacDailyNews Take: Microsoft Windows is insecure? Who would’ve guessed?
Kelley continues, “While this may seem like any standard security hole, other researchers say that the work is a major breakthrough and there is very little that Microsoft can do to fix the problems. These attacks work differently than other security exploits, as they aren’t based on any new Windows vulnerabilities, but instead take advantage of the way Microsoft chose to guard Vista’s fundamental architecture. According to Dino Dai Zovi, a popular security researcher, ‘the genius of this is that it’s completely reusable. They have attacks that let them load chosen content to a chosen location with chosen permissions. That’s completely game over.'”
Kelley reports, “‘This stuff just takes a knife to a large part of the security mesh Microsoft built into Vista,’ said Dai Zovi to SearchSecurity.com. ‘If you think about the fact that .NET loads DLLs into the browser itself and then Microsoft assumes they’re safe because they’re .NET objects, you see that Microsoft didn’t think about the idea that these could be used as stepping stones for other attacks. This is a real tour de force.'”
Full article here.
[Thanks to MacDailyNews Reader “Wingsy” for the heads up.]
Boom! Yet another reason, as if you needed one, to Get a Mac.
Time to stop the presses and time wasted on the M$ FUD campaign that Vista is awesome and ignore OS X, ramp up Windows 7! Oh wait, W7 is based on Vista! WTF?!
@Andy: Registry modifications need user input?
Since when did OS X get a registry?
Hard to modify something when it does not exist.
M$ is doomed… it REALLY is! Come on, Ballmer: stop everything and give back the money to the shareholders! And don’t go believing that this sentence will bring you any good luck… it won’t! This is not a question of luck: Apple has never sold bul..t. This makes all the difference!
“… According to Dino Dai Zovi, a popular security researcher, ‘the genius of this is that it’s completely reusable. …”
Good thing Dino is popular, otherwise he probably never would have been quoted, except by other members of the chess club.
@ HMCIV,
Was laughing my @$$ off at your first post above!
Thanks for the Friday humor.
Despite the fact that this *alleged* threat is currently only directly associated with Vista, no one should take any satisfaction in Microsoft’s situation. From a purely selfish standpoint, consider the potential disruption to your life if this threat materializes and is exploited. It won’t matter that you might use a Mac at home and at work. Your personal and financial life is distributed across Windows-based computers all over the place. This is not a good thing, even if it boosts Apple and hurts M$.
The gift, i.e. turd that just keeps on giving!
Release Mojave now! That will fix the problem!
Apple already has their iPhone production ramped up to capacity at 800,000 units a week. I think they need to ramp up Mac production, too. There’s a surge a’comin’!
Peace.
Olmecmystic
Now we just need major news outlets to get ahold of this story.
This problem is easily fixable. The solution is to keep all computers running Windows off the internet. Problem solved.
Dino Dai Zovi, a popular security researcher
Does he have trading cards out?
“lowest approval ratings? You mean congress? They are in single digits.”
Good point. It’s comforting to know they are on vacation and W. is at the Olympics. It’s not like the U.S. needs leadership. Maybe W. can throw up on them like his dad did to the Japanese Prime Minister.
Ah yes, a Congress with Nancy Pelosi who apparently is so intent on saving the world that even if gas reached $10 a gallon, they would not lift the oil drilling moratorium, because what’s the point of being at the top of the food chain if we’re going to actually use our position at the time to help ourselves a bit. Nope, all animals and plants and their needs are ipso facto more important than ours. Look, I don’t mind recycling and green energy if possible, but until that stuff appears, we have to use what we’ve got developed and at the moment that happens to be internal combustion engines. Do I wish that oil companies hadn’t squashed attempts to make cars more efficient? Definitely. Do I enjoy the fact that they’re making record profits while ordinary Americans are bent over their cars and wallet-raped with a fuel nozzle every time they fill up? Certainly not. I don’t believe in change for change’s sake, nor do I believe in obstructing change because one has the power to do so. I say this both for politics and because Microsoft has also done so in both the past and the present.
Am an independent with Republican leanings but did not vote for Bush in 2004 (was the first year I was eligible to vote).
On topic, it will be interesting to see how this vulnerability plays out. But I reckon those who swear by Microsoft and its products, as compared to those of us who swear at them, probably have their heads so far up Ballmer’s ass that they can examine the contents of his stomach, and will have their opinions left unaffected by this new mess.
All I can say is…. HOLY SHIT! If this truly is as unfixable as they say, then Microsoft needs to recall that OS and issue a refund to each and every customer who bought it. Of course, they won’t. I see a class action lawsuit brewing BIG TIME!
To the best of my knowledge, OS X 10.5 does not implement DEC or ASLR.
This should not be an issue for Mac users except via having their information compromised by Windows-based systems.
“A retarded, coke head good ol’ boy with the lowest approval rating in U.S. history who gets his instructions from God would never lie.”
that is an incredible post.
in one line you insulted retards, coke heads, good ol’ boys, every president to have an approval rating, and god.
please don’t compare bush to people that are above him. not ever again.
“Do I enjoy the fact that they’re making record profits while ordinary Americans are bent over their cars and wallet-raped with a fuel nozzle every time they fill up?”
Be careful what you wish for:
Throughout the oil and natural gas industries only about 1.5% of the stock is owned by company executives.
The data show that ownership of industry shares is broadly middle class, with the majority of industry shares held by institutional investors, often on behalf of millions of Americans through mutual funds, pension funds and individual retirement accounts.
Almost 43 percent of oil and natural gas company shares are owned by mutual funds and asset management companies that have mutual funds. Mutual funds manage accounts for 55 million U.S. households with a median income of $68,700.
Twenty seven percent of shares are owned by other institutional investors like pension funds. In 2004, more than 2,600 pension funds run by federal, state and local governments held almost $64 billion in shares of U.S. oil and natural gas companies. These funds represent the major retirement security for the nation’s current and retired soldiers, teachers, and police and fire personnel at every level of government.
Fourteen percent of shares are held in IRA and other personal retirement accounts. Forty five million U.S. households have IRA and other personal retirement accounts, with an average account value of just over $22,000.
“Ah yes, a Congress with Nancy Pelosi who apparently is so intent on saving the world that even if gas reached $10 a gallon, they would not lift the oil drilling moratorium…..”
blah blah blah snipped.
7 different bills were submitted to congress which all would have made more difference to the gas price, and all in less than a year rather than 20 years like drilling.
including:
tapping the reserves, rules against price gouging, cracking down on speculators (most economists see them as the primary cause of current prices) stopping tax breaks for oil companies (cause yes, the repubs give tax breaks to companies that have record profits) and a tax break for people paid for by the oil companies tax break being removed.
all of them were blocked by republicans.
all of them. republicans.
so how does the republican BS stack up to reality?
so ’04 was your first chance to vote? do us all a favor and better educate yourself before this vote, huh? kthxbai!
“please don’t compare bush to people that are above him. not ever again.”
“The economy is growing, productivity is high, trade is up, people are working. It’s not as good as we’d like, but — and to the extent that we find weakness, we’ll move.” –George W. Bush, Washington, D.C., July 15, 2008
shen,
“in one line you insulted retards, coke heads, good ol’ boys, every president to have an approval rating, and god.”
Good one.
Oh, and I get a kick out of the Republicans staging that little protest over Pelosi’s move. Even if this off shore drilling is approved, it will be years before any effects are realized, if at all. But I’m sure McCain enjoyed it.
I must admit though, I think Nancy Pelosi is one of the most incompetent dimwits in Congress. That fool wouldn’t know reality if it bit her in the ass. She gives liberals a bad name.
Hey, not to worry. Windows 7, Midori, and Monkey Boy doing a fast Tap Dance is coming soon and will take care of everything.
In the meantime, let’s just hold off on any purchases of VISTA (as if, that was on your To Do List).
It’s comforting to know they are on vacation and W. is at the Olympics. It’s not like the U.S. needs leadership.
Don’t worry, Cheney’s in charge now….!
Is that you writing all the diatribes, Big Al? I mighta figured you’d be lurking in the Apple blog sites…
“I must admit though, I think Nancy Pelosi is one of the most incompetent dimwits in Congress. That fool wouldn’t know reality if it bit her in the ass. She gives liberals a bad name.”
and yet, she is better than 90% of the repubs you can name. sad, isn’t it?
It’s not hard to control a computer that runs Vista.
Have you ever put a DVD with a broken TOC into a Vista machine and tried to open it? The entire system becomes unresponsive (even the power button) and the CPU goes to 100% usage (depending on the motherboard, the fans might not speed up, causing a lot of issues). Then if you unplug the computer and replug it in, it will not boot, and in effect you either get a boot error or the black screen of death. The system only comes back alive when the CD is removed manually (you take the faceplate off the optical drive and with a paperclip you trigger the emergency open).