Windows XP SP2 Still Vulnerable To Memory Attacks
Page 1 of 1
razor1394
VIP Member



Posts: 3571
Location: Sweden
PostPosted: Mon, 31st Jan 2005 16:24    Post subject: Windows XP SP2 Still Vulnerable To Memory Attacks
Quote:
Russian security outfit, Maxpatrol, have discovered a way to defeat Microsoft® Windows® XP SP2 Heap protection and Data Execution Prevention mechanism.

Data execution prevention (DEP) is a set of hardware and software technologies that perform additional checks on memory to help protect against malicious code exploits. By default, software-enforced DEP only protects limited system binaries. Hardware-enforced DEP relies on processor hardware to mark memory with an attribute that indicates that code should not be executed from that memory.

Maxpatrol have published a full article on their discoveries. They claim that it's possible to implement arbitrary memory region write access (smaller or equal to 1016 bytes), Arbitrary code execution and DEP bypass.

The company have also published a solution named PTmsHORP. PTmsHORP allows restriction of lookaside list creation, governed by a special global flag. The company reported the problem to Microsoft on the 22nd December. We've contacted Microsoft about the problem and are awaiting a response.


Even when talking about Windows I was "taken while sleeping" as DEP is one of the biggest features in SP2.

Source -> http://www.neowin.net/comments.php?id=26892&category=main
Back to top
[sYn]
[Moderator] Elitist



Posts: 8374

PostPosted: Tue, 1st Feb 2005 10:29    Post subject:
haha.. the truth will set you free Smile!
Back to top
nerrd




Posts: 3607
Location: Poland / USA
PostPosted: Tue, 1st Feb 2005 21:47    Post subject:
[sYn] wrote:
haha.. the truth will set you free Smile!


haha .... while windows with sp2 is not all that secure, your version, without sp2 is even less secure .... haha ...
Back to top
skidrow
Moderator



Posts: 8691

PostPosted: Tue, 1st Feb 2005 22:07    Post subject:
winxp sp2, is teh best.
sp3 will be even better Wink


Back to top
[sYn]
[Moderator] Elitist



Posts: 8374

PostPosted: Wed, 2nd Feb 2005 03:01    Post subject:
nerrd wrote:
[sYn] wrote:
haha.. the truth will set you free Smile!


haha .... while windows with sp2 is not all that secure, your version, without sp2 is even less secure .... haha ...


ERm.. I run linux..
Back to top
Page 1 of 1 All times are GMT + 1 Hour
NFOHump.com Forum Index - Operating Systems
Signature/Avatar nuking: none (can be changed in your profile)  


Display posts from previous:   

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB 2.0.8 © 2001, 2002 phpBB Group