Researcher warns of Vista vulnerabilities

by Ulrika Hedquist
Be the first to comment | 1I like it!
Tags: Microsoft, Vista
More »
on this topic
August 25, 2008, 12:43 PM —  Computerworld New Zealand Online — 

A New Zealand security researcher is exploring several scenarios in which Windows Vista could be attacked and warns more protection is needed for users.

Ben Hawkes presented his findings at the Black Hat conference, held in Las Vegas this month, and will also present them at the Kiwicon conference, to be held in Wellington in the end of September.

Hawkes' research has uncovered hacking techniques for attacking the Vista heap, which is a dynamic memory management component, used by every single application, from Microsoft Word to web applications, he says.

There is a type of bug in these applications called the memory corruption bug, he says. Historically, these bugs have been a fairly severe security problem because people could turn them into arbitrary code execution -- allowing attackers to run code, for example a back door or keylogger, says Hawkes.

Microsoft is trying to prevent malicious hackers from targeting memory corruption. When it introduced Windows Vista, it also introduced several security enhancements to the operating system, Hawkes says. But more protection is needed.

Hawkes was in touch with Microsoft two weeks before Black Hat, sending the company a copy of his slides and presentation called "Attacking the Vista heap."

"They were quite interested in my research and passed it around internally to a few select people," he says.

Hawkes got a little bit of feedback from the software giant, generally positive.

"I had a fairly good experience," he says.

He is not sure what Microsoft's next steps will be to deal with this issue.

"They may end up introducing some of the protection mechanisms I have suggested in my research," he says.

Hawkes says the kind of research he is performing does not pose an immediate threat; it does not present a vulnerability, he says. Rather, an attacker could use his research as a tool to leverage a vulnerability. It is more likely that his findings will become an issue six months down the track when researchers, and attackers, may find vulnerabilities where they can use the attack techniques, he says.

"Microsoft has this time to step back, use their threat models and work out the best way to deal with this problem," he says.

In his Black Hat presentation, Hawkes suggested that Microsoft should add technical measures to prevent potential use of the techniques he has demonstrated. This could be, for example, adding guard pages and guarded mappings, he says. These suggestions are fairly simple and cheap to implement, he says.

Hawkes' findings do not change procedures for IT managers and system administrators, he says, as long as they keep patching and mitigating attacks. It is more of interest to the technical crowd, who are creating the attacks and doing the vulnerability research that results in patches, he says.

There are very few people in the world doing cutting edge research in that particular area, he says. Hawkes and another New Zealander, Brett Moore, are among those researchers. Moore has done similar research on Windows Server 2003, Hawkes says.

» posted by ITworld staff

Computerworld New Zealand Online

I like it!
Post a comment
The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
Free books

Build your tech library with our book giveaways.

Windows PowerShell 2.0 Unleashed
By Tyson Kopczynski, Pete Handley, Marco Shaw; Published by Sams

Windows PowerShell Unleashed will not only give you deep mastery over PowerShell but also a greater understanding of the features being introduced in PowerShell 2.0–and show you how to use it to solve your challenges in your production environment. Enter now!

 

Ubuntu Server Administration
By Michael Jang; Published by McGraw-Hill Osborne Media

Realize a dynamic, stable, and secure Ubuntu Server environment with expert guidance, tips, and techniques from a Linux professional. Ubuntu Server Administration covers every facet of system management -- from users and file systems to performance tuning and troubleshooting. Enter now!

Featured Sponsor
Case Study: AISO grows its "green" business

AISO founders envisioned a Web hosting company that was environmentally friendly. While the company employed energy-efficient innovations like solar panels, its infrastructure produced unacceptable power and cooling requirements. Find out how AISO leveraged AMD technology to overcome their challenge in this case study white paper.

Download this white paper »
Myth of the Million Dollar Database

In this whitepaper, Scalar explores the opportunity to change the landscape with respect to mission critical databases built around Oracle. Leveraging technologies such as Linux, high-end commodity processing power and Oracle RAC technology to architect, design, build and maintain database infrastructure that delivers maximum availability, reliability and performance at a fraction of traditional cost.

Download this white paper »
Success Story: Weather.com handles whatever nature serves up

On a typical day, weather.com, the Web site for The Weather Channel in Atlanta, serves up between 15 million and 20 million page views. But in September 2004, when back-to-back hurricanes ransacked Florida, the peak traffic on one day more than tripled: over 70 million page views by more than 7 million unique visitors. Read the full success story now.

Download this white paper »
More Resources