Slashdot Mirror


Defeating XP SP2 Heap Protection

hobo2k writes "XP SP2 included canary values and hardware-implemented execution protection in order to avoid exploitable buffer overruns. Now Positive Technologies has released an article describing one way that protection could be bypassed. To solve the problem, they provide a program which disables the small allocation heap as described here. CNET reports that SP2 has been foiled."

7 of 242 comments (clear)

  1. And this by ScrewMaster · · Score: -1, Troll

    surprises anyone?

    --
    The higher the technology, the sharper that two-edged sword.
    1. Re:And this by camcloud1 · · Score: -1, Troll

      How can we be surprised...SP2 caused more problem than it fixed. But at least we have MS Longtime to look forward to ;)

  2. forst by Anonymous Coward · · Score: -1, Troll

    forst porsts.

  3. Ha by Anonymous Coward · · Score: -1, Troll

    fr0st p1ss

  4. EOTD by Anonymous Coward · · Score: -1, Troll

    Exploit Of The Day

    i wonder if Nick McGrath is eating a nice hot plate of crow right about now...

  5. smart++ by PaulBu · · Score: -1, Troll

    at which time company Chairman Bill Gates called the update "a significant step in delivering on our goal to help customers make their PCs better isolated and more resilient in the face of increasingly sophisticated attacks."

    The increasingly sophisticated attacks just threw me over the edge! It sounds so much like a Big Brother representative would sound when informing the world of a successful (real) attack, and even in the last time it happened (9/11 ;-( ) it was referred too as "unpredicted", not actually "sophisticated"!

    Do not you think it is appropriate for Bill a) not to use anti-terrorism language and b) remember that buffer-overflow attacks were in the books, when, like 1969? (AFAIR, Morrisson's warm used that).

    Paul B.

  6. Penguins do NOT kill babies by tepples · · Score: 1, Troll

    Please do not compare Linux to murder; it only makes conservative organizations buy products from a convicted monopolist. Please do not compare viruses to children if doing so makes you compare Linux to murder.