Slashdot Mirror


MS Virtual PC Flaw Defeats Windows Defenses

Coop's Troops writes "An exploit writer at Core Security Technologies has discovered a serious vulnerability that exposes users of Microsoft's Virtual PC virtualization software to malicious hacker attacks. The vulnerability, which is unpatched, essentially allows an attacker to bypass several major security mitigations — DEP, SafeSEH and ASLR — to exploit the Windows operating system. As a result, some applications with bugs that are not exploitable when running in a not-virtualized operating system are rendered exploitable if running within a guest OS in Virtual PC."

8 of 141 comments (clear)

  1. Mac OS X by Anonymous Coward · · Score: -1, Troll

    Yes. I've always wondered why more people don't switch to a better OS.

    1. Re:Mac OS X by Anonymous Coward · · Score: -1, Troll

      Because some of us aren't men who have hot, hairy, mustachioed, sweaty, musky, anal, oral, scrotum-on-scrotum flapping, Elton John listening, gay bar dancing, San Francisco living, West Hollywood visiting, Hillcrest dining, lisping, cowboy-walking, nipple-piercing, Palm Springs vacationing, pride parade attending,

      sex with other men.

  2. Re:Linux by Stormwatch · · Score: -1, Troll

    Maybe people are so used to a buggy, bloated, vulnerable operating system that they assume other systems will be just as awful.

  3. Re:Linux by Mike+Buddha · · Score: 0, Troll

    Ahh yes, come one, come all to Debian Island where all the computers are free and none of them work quite right.

    --
    by Mike Buddha -- Someday the mountain might get him, but the law never will.
  4. Re:Linux by Anonymous Coward · · Score: -1, Troll

    Are you modding this guy troll because he's upset people insist on using this piece of sh* called Windholes?

    Is that what /. has come to now?

    Maybe malcontents should pack things and look for a Linux site to whine about M$, eh?

  5. Re:Linux by Anonymous Coward · · Score: -1, Troll

    Because they don't want to use your busted POS OS? Because a bug that will effect far less than 1% of all Windows users isn't a cause to change OSes? Because you suck more dicks than a gay bathhouse full of Mac users?

  6. Re:Linux by Anonymous Coward · · Score: -1, Troll

    I get my copy of Windows from MSDN through an account my company purchases. I don't pay anything and I get something better than a busted POS like Loonix.

  7. Re:This gets me every time by drsmithy · · Score: 0, Troll

    They have more than enough resources to pour into security. Yet they don't... I refuse to cut them any slack, when open source projects which are powered by volunteers (I know not all are, but a significant number are) can produce (and do produce) results SIGNIFICANTLY faster than MS typically does... If a bunch of volunteers with VERY limited resources can do it, why can't a company with practically unlimited resources handle it?

    It's pretty easy to patch software quickly when your testing and QA process barely extends past "does it compile".