Defeating XP SP2 Heap Protection
hobo2k writes "XP SP2 included canary values and hardware-implemented execution protection in order to avoid exploitable buffer overruns. Now Positive Technologies has released an article describing one way that protection could be bypassed. To solve the problem, they provide a program which disables the small allocation heap as described here. CNET reports that SP2 has been foiled."
surprises anyone?
The higher the technology, the sharper that two-edged sword.
forst porsts.
fr0st p1ss
Exploit Of The Day
i wonder if Nick McGrath is eating a nice hot plate of crow right about now...
at which time company Chairman Bill Gates called the update "a significant step in delivering on our goal to help customers make their PCs better isolated and more resilient in the face of increasingly sophisticated attacks."
;-( ) it was referred too as "unpredicted", not actually "sophisticated"!
The increasingly sophisticated attacks just threw me over the edge! It sounds so much like a Big Brother representative would sound when informing the world of a successful (real) attack, and even in the last time it happened (9/11
Do not you think it is appropriate for Bill a) not to use anti-terrorism language and b) remember that buffer-overflow attacks were in the books, when, like 1969? (AFAIR, Morrisson's warm used that).
Paul B.
Please do not compare Linux to murder; it only makes conservative organizations buy products from a convicted monopolist. Please do not compare viruses to children if doing so makes you compare Linux to murder.