Newly-Found Windows Bug Affects All Versions Since NT
garg0yle writes "A researcher has found a security bug that could allow privilege escalation in Windows. Nothing new there, right? Well, this affects the Virtual DOS Machine, found in every 32-bit version of Windows all the way back to Windows NT. That's 17 years worth of Windows and counting. 'Using code written for the VDM, an unprivileged user can inject code of his choosing directly into the system's kernel, making it possible to make changes to highly sensitive parts of the operating system. ... The vulnerability exists in all 32-bit versions of Microsoft OSes released since 1993, and proof-of-concept code works on the XP, Server 2003, Vista, Server 2008, and 7 versions of Windows, Ormandy reported.'"
Cue "Windows Sucks" comments in 5, 4, 3, 2, 1....
Applications Welcome ;-)
ex$$
Slashdot makes me sick. It's just not fair to go digging 14 years prior to the date when Microsoft finally starting taking security seriously.
Rich And Stupid is not so bad as Working For Rich And Stupid.
Actually, I was just messing around. I'm kind of suprised it took someone this long to find a vulnerability in wowexec. I'm sure MS is not even thinking much about this, yet pretty much any program can have the possiblity of a buffer overrun or some sort of registry memory shift.
I found it funny that the Google ad displayed next to the article was for Microsoft forefront touting the security features.
http://www.perfectreign.com/stuff/2010/forefront.jpg
The Kai's Semi-Updated Website Thingy
There, fixed that for ya. :)
- First they ignore you, then they laugh at you, then ???, then profit.
There's an app for that?
rewriting history since 2109
True. For home users you just pop up a window saying "Click here to install keylogger".
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Windows 98SE rules!
Ahhh, Gcc doesn't like the smiley face at the end of line 20
Sig out of date
Windows users are in the dark and fucked.
You make that sound like a bad thing.
XML is a known as a key material required to create SMD: Software of Mass Destruction
Oh, fuck me for not even reading the summary properly. :p
Nice try, dude. If that really worked, we'd all be getting laid like rock stars.
"A government is a body of people usually -- notably -- ungoverned." -Shepherd Book
Since it was a display driver, all you had to do to exploit it was be able to see the screen.