---

Windows: New, improved & more insecure than ever

[ Thanks to Steven J.
Vaughan-Nichols
for this link. ]

“Unfortunately, Wever, using a variation of a hacking
technique he helped perfect called heap-spraying has busted DEP. In
heap-spraying, the attack code made an educated guess at where
vulnerable memory that could be used to execute unapproved programs
could be found. In Wever’s latest trick, the attacking code looks
for clues on where to find memory that’s allowed by DEP to run
programs. Once armed with this information, the attack code can
then successfully plant itself in the system.

“While the attack code isn’t ready to go for any script-kiddie,
as Wever himself points out, he has given enough information on how
to defeat DEP that it’s only a matter of time before a competent
cracker uses the code to start enabling new attacks.”


Complete Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis