Vista's Security Rendered Completely Useless by New Exploit

[w¡n9Nµ7 §£@¥€r 123]

Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. have discovered a technique that can be used to bypass all memory protection safeguards that Microsoft built into Windows Vista ... The researchers were able to load whatever content they wanted into any location they wished on a user's machine using a variety of objects, such as Java, ActiveX and even .NET objects. This feat was achieved by taking advantage of the way that Internet Explorer (and other browsers) handle active scripting in the Operating System.

While this may seem like any standard security hole, other researchers say that the work is a major breakthrough and there is very little that Microsoft can do to fix the problems. These attacks work differently than other security exploits, as they aren't based on any new Windows vulnerabilities, but instead take advantage of the way Microsoft chose to guard Vista's fundamental architecture. According to Dino Dai Zovi, a popular security researcher, "the genius of this is that it's completely reusable. They have attacks that let them load chosen content to a chosen location with chosen permissions. That's completely game over."

...

While Microsoft hasn't officially responded to the findings, Mike Reavey, group manager of the Microsoft Security Response Center, said the company has been aware of the research and is very interested to see it once it has been made public. It currently isn't known whether these exploits can be used against older Microsoft Operating Systems, such as Windows XP and Windows Server 2003, but since these techniques do not rely on any one specific vulnerability, Zovi believes that we may suddenly see many similar techniques applied to other platforms or environments.

http://www.neowin.net/news/main/08/08/08/v...-by-new-exploit

[Ken y Leidys 20]

Back in the day, my parents waited in long car lines to deposit checks and withdrawl cash with actual tellers handling transactions. We might return to this one day if things persist.

[Ban Hammer 13,352]

sales of vista should drop even more now. and i think you're right, ken.

[Scott & Lai 12]

So, can we have XP back, since Vista isn't any more secure than XP anyway?

[Niels Bohr 72]

Vista can support more than 4 Gb of memory versus XP. With more applications taking advatange of more features such a photoshop (higher megapixels = larger memory needed), video application, etc...It's essential to adapt an OS that supports more than 4GB of memory.

The technicality is this, 2^32 memory locations equals approx. 4 gb. The 32 is the amount of bits the OS supports. Vista can support 64 bits, 2^64 memory locations is approx. 18,000 PB (not peanut butter) which is about 18 million Gb.

There will always be holes within an OS. The complexity of taking advantage of the hole will also become very complex.

Hey, there are still people who wants to get back into DOS. ROFL. I'm not surprised.

Edited August 9, 2008 by consolemaster

[w¡n9Nµ7 §£@¥€r 123]

I have some dinosaurs at work who wanna go back to OS2. They need to take their pension and GTFO already.

[Dr. A ♥ O 203]