Slashdot Mirror

← Back to Stories (view on slashdot.org)

MS Virtual PC Flaw Defeats Windows Defenses

Posted by kdawson on from the around-the-maginot-line dept.

Coop's Troops writes "An exploit writer at Core Security Technologies has discovered a serious vulnerability that exposes users of Microsoft's Virtual PC virtualization software to malicious hacker attacks. The vulnerability, which is unpatched, essentially allows an attacker to bypass several major security mitigations — DEP, SafeSEH and ASLR — to exploit the Windows operating system. As a result, some applications with bugs that are not exploitable when running in a not-virtualized operating system are rendered exploitable if running within a guest OS in Virtual PC."

3 of 141 comments (clear)

  1. Re:Which only goes to show, it's always something by WrongSizeGlass · · Score: 4, Funny

    So Virtual PC is virtually as secure (or insecure) as a real PC? If you wanted the security of a real PC then they should have, um, well ... never mind.

  2. Re:Ugh, this isn't good. by WrongSizeGlass · · Score: 2, Funny

    Dude, like, stop being so reasonable - you're gonna park a cloud over our MS bashing and 'I told you so' evangelism. It's not everyday we get to trash MS over a security issue.

  3. Re:Mac OS X by PopeRatzo · · Score: 2, Funny

    sex with other men.

    Not all of us can afford Macs.

    --
    You are welcome on my lawn.