Slashdot Mirror

← Back to Stories (view on slashdot.org)

Shattering Windows

Posted by timothy on from the fundamentalism dept.

ChrisPaget writes: "I've just released a paper documenting and exploiting fundamental flaws in the Win32 API. Essentially, they allow you to take control of any window on your desktop, regardless of whether that window is running as you, localsystem, or anywhere in between. The technique has been discussed before, but AFAIK this is the first working exploit. Oh, did I mention it's unfixable?" You may want to read this CNET interview with Microsoft security head Scott Charney to learn even more about "trustworthy computing."

2 of 772 comments (clear)

  1. Microsoft has had 7 years of warning. by Quasar1999 · · Score: 2, Offtopic

    Microsoft was told about this flaw when it was first discovered 7 years ago. They still haven't fixed it.

    In other news, microsoft is sueing the cnet for making a flaw public news. They claim they needed more time to fix it, 7 years just isn't enough time to fix the bug and test the patch...

    --

    ---
    Programming is like sex... Make one mistake and support it the rest of your life.
  2. MOD PARENT UP by MORTAR_COMBAT! · · Score: 2, Offtopic

    and then mod me down. posting this one at +1 to attempt to get some attention...

    --
    MORTAR COMBAT!