Aug 26th

Researcher Ben Hawkes Warning on Vista Vulnerabilities!

Author: Egle | Filed under Windows Vista registry

Security researcher Ben Hawkes from New Zealand has investigated a few ways in which the Windows Vista heap can be attacked to produce a buffer overflow and eventually execute arbitrary code. He warns users that more protection is required. Hawkes presented his findings at the Black Hat conference, held in Las Vegas this month. He is also going to present them at the Kiwicon conference, to be held in Wellington at the end of September. The researcher said that design problems in the memory allocation system of Microsoft Windows Vista could allow malicious hackers to compromise the OS.

Hawkes' research has revealed hacking techniques for attacking the Vista heap. He explains that the Vista heap is a dynamic memory management component used by every single application, from Microsoft Word to web applications. Hawkes says that there is a type of bug found in these applications called the memory corruption bug. According to Hawkes, these bugs have historically been a fairly severe security problem, since people were able to turn them into arbitrary code execution, enabling attackers to run code such as a back door or key-logger.

Hawkes stated that Microsoft is attempting to hinder malicious hackers from targeting memory corruption. When it introduced Windows Vista, it also introduced a few improvements to heap security, including checksumming of heap blocks and encoding of heap block metadata elements. However, more protection is required. Hawkes had been in communication with Microsoft two weeks before the Black Hat conference. He sent the company a copy of his slides and presentation, which is called "Attacking the Vista heap."
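The two hardening measures mentioned above, checksumming heap blocks and encoding block metadata, can be illustrated with a simplified model. This is an added example, not code from Microsoft or from Hawkes' presentation; the header layout, the checksum formula, the key bytes and the function names are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of a protected heap block header (8 bytes, no padding).
   Layout and checksum formula are assumptions, not Vista's actual format. */
typedef struct {
    uint16_t size;      /* block size in allocation units */
    uint8_t  flags;     /* busy/free state bits */
    uint8_t  checksum;  /* covers size and flags */
    uint32_t prev_size; /* size of the preceding block */
} block_header;

static uint8_t header_checksum(const block_header *h) {
    return (uint8_t)((h->size & 0xff) ^ (h->size >> 8) ^ h->flags);
}

/* XOR every header byte with the per-heap key (encode and decode are the same). */
static void header_xor(block_header *h, const uint8_t *key) {
    uint8_t *p = (uint8_t *)h;
    for (size_t i = 0; i < sizeof *h; i++) p[i] ^= key[i];
}

/* Store the checksum, then encode the header so its fields are not readable
   or predictable without the key. */
void header_seal(block_header *h, const uint8_t *key) {
    h->checksum = header_checksum(h);
    header_xor(h, key);
}

/* Decode a copy and verify it. Returns 0 if intact, -1 if corrupted;
   an allocator would abort here instead of trusting size/prev_size. */
int header_open(const block_header *stored, const uint8_t *key, block_header *out) {
    block_header tmp = *stored;
    header_xor(&tmp, key);
    if (tmp.checksum != header_checksum(&tmp)) return -1;
    *out = tmp;
    return 0;
}

/* Constructed scenario: an overflow from the previous block lands on the header. */
int demo_overflow_detected(void) {
    /* Constructed key; a real heap would pick a random key per heap. */
    const uint8_t key[8] = {0x3c, 0xa7, 0x51, 0xe9, 0x0d, 0x84, 0xf2, 0x6b};
    block_header h = { .size = 4, .flags = 1, .checksum = 0, .prev_size = 2 }, out;
    header_seal(&h, key);
    if (header_open(&h, key, &out) != 0 || out.size != 4) return -2;
    memset(&h, 0x41, 4);  /* overwrite lands on size, flags and checksum */
    return header_open(&h, key, &out);
}

int main(void) { printf("result: %d\n", demo_overflow_detected()); return 0; }
```

Because the writer of the overflowing bytes does not know the key, the decoded fields are effectively random, and a one-byte checksum rejects such a blind overwrite in 255 out of 256 cases.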

Hawkes continued by saying that the kind of research he is conducting does not pose an immediate threat; it does not demonstrate a vulnerability. Rather, an attacker could use his research as a tool to leverage a vulnerability. He added that his findings are more likely to become an issue six months down the line, when researchers and attackers find vulnerabilities on which they could use these attack techniques. Microsoft has this time to step back, use its threat models and work out the best way to deal with the problem. Hawkes received a positive answer from Microsoft.

In his Black Hat presentation, Hawkes proposed that Microsoft add technical measures to hinder potential use of the techniques he had exhibited. Hawkes stated that this could be done, for instance, by adding guard pages and guarded mappings. He added that the aforementioned proposals are fairly simple and cheap to implement. He also said that his findings will not change procedures for IT managers and system administrators, as long as they keep patching and mitigating attacks. Hawkes concluded that this is of more interest to the technical crowd, who are creating the attacks and doing the vulnerability research that results in patches.
