Coffeehouse Post

Single Post Permalink

View Thread: Vista's Security Rendered Completely Useless By New Exploit
  • User profile image

    Lloyd_Humph said:
    corona_coder said:
    No, Mac users and Linux users are not safe. I read somewhere (will find the source soon) that it could easily be applied to OSX and Linux.

    So once again, you're wrong. It's just out of Vista because of the BlackHat thing, and thats the machine they chose to test it on. They could've easily done it on any other one.

    Presented by Mark Dowd and Alexander Sotirov, of IBM and VMware, respectively, the exploit negates key security features such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), which make it difficult to locate and execute code and data. And apparently this exploit is so broad and game changing that it could be applied to other platforms.

    Dai Zovi stressed that the techniques Dowd and Sotirov use do not rely on specific vulnerabilities. As a result, he said, there may soon be similar techniques applied to other platforms or environments.

    "This is not insanely technical. These two guys are capable of the really low-level technical attacks, but this is simple and reusable," Dai Zovi said. "I definitely think this will get reused soon, sort of like heap spraying was."