[SC-L] Dark Reading - Application and Perimeter Security - Hacking the Vista Kernel - Security News Analysis

Kenneth Van Wyk Tue, 25 Jul 2006 10:24:05 -0700

Here's an interesting article from Dark Reading regarding a software attack on the existing Vista beta:

http://www.darkreading.com/document.asp?doc_id=99780&f_src=darkreading_section_296

I noticed, in particular, that the attack is against a design weakness of Vista -- "The attack doesn't use your typical buffer overflow or other bug, but basically exploits a Vista (and Windows) design problem -- that user-mode applications are allowed to access raw disk sectors, Rutkowska says."

The attack, which is being described in detail at Blackhat, looks for "interesting" OS code to be paged out and then carefully modifies the contents of the page file in order to dupe Vista into loading the corrupt page data.

Cheers,

Ken

Kenneth Van Wyk

KRvW Associates, LLC

http://www.KRvW.com

_______________________________________________
Secure Coding mailing list (SC-L)
SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php

[SC-L] Dark Reading - Application and Perimeter Security - Hacking the Vista Kernel - Security News Analysis

Reply via email to