Feeds

Vista kernel fix 'worse than useless'

MS irks security researcher (part 411)

Beginner's guide to SSL certificates

Microsoft has modified Windows Vista to prevent a high-profile exploit demonstrated at security conferences this summer but the fix creates as many problems as it solves, according to the security researcher who identified the original problem.

The bug, demonstrated by Joanna Rutkowska of security firm Coseinc, created a possible mechanism for hackers to bypass security protection built into 64-bit versions of Vista in order to inject potentially hostile code into the kernel of prototype versions of Windows. This so-called "pagefile attack" defeated a feature called Vista kernel protection.

Windows Vista Release Candidate 2 frustrates this attack by blocking write-access to raw disk sectors for user mode applications, even if they are executed with elevated administrative rights. Rutkowska writes that Microsoft's fix is fraught with difficulties because it prevents legitimate applications, such as disk editors and recovery tools, from functioning without their own signed kernel-level driver. Hackers might be able to hijack such legitimate drivers so all Microsoft has done has created extra work for developers in displacing - but not resolving - the problem.

During a presentation at the Black Hat conference in August, Rutkowska explained two other approaches Microsoft might take in defeating the page-file attack as well as highlighting the problems with simply blocking write-access to raw disk sectors for user mode applications. "Microsoft actually decided to ignore those suggestions and implemented the easiest solution, ignoring the fact that it really doesn’t solve the problem," she writes. ®

Beginner's guide to SSL certificates

More from The Register

next story
Preview redux: Microsoft ships new Windows 10 build with 7,000 changes
Latest bleeding-edge bits borrow Action Center from Windows Phone
Google opens Inbox – email for people too thick to handle email
Print this article out and give it to someone tech-y if you get stuck
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
UNIX greybeards threaten Debian fork over systemd plan
'Veteran Unix Admins' fear desktop emphasis is betraying open source
Entity Framework goes 'code first' as Microsoft pulls visual design tool
Visual Studio database diagramming's out the window
Google+ goes TITSUP. But WHO knew? How long? Anyone ... Hello ...
Wobbly Gmail, Contacts, Calendar on the other hand ...
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
Redmond top man Satya Nadella: 'Microsoft LOVES Linux'
Open-source 'love' fairly runneth over at cloud event
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.