For those of you who were concerned about How to Impress Girls with Browser Memory Protection Bypasses (you may have heard about it at Vista's Security Rendered Completely Useless by New Exploit), rest assured, the sky isn't falling. As the article states:
These techniques are being seen as an advance that many in the security community say will have far-reaching implications not only for Microsoft, but also on how the entire technology industry thinks about attacks.
OK, this is not strictly tied to Microsoft (the paper was co-written by IBM and VMware, and Vista was the obvious choice), and some kind of user intervention is probably needed (or not?).
As Ars Technica states, the problem seems to be related to where DEP checking is applied:
One of the key mechanisms used is the fact that the protections are not always applied. Internet Explorer 7 and Firefox 2 both opt out of DEP, and many third-party libraries such as the Flash plugin opt out of ASLR (and other protection mechanisms). Plugins can also do things that can deliberately defeat the OS's countermeasures; Java, for example, marks all of its memory as executable, meaning that a Java applet can place into memory executable code that's immune to DEP protection.
OK, it seems that applications have too much control over what is and isn't DEP verified, but there is still much Microsoft can do about it. Let's wait for their answer - and for the corresponding hungry answer from the users :)