This is a mirror of official site: http://jasper-net.blogspot.com/

MS Virtual PC Flaw Defeats Windows Defenses

| Wednesday, March 17, 2010
An exploit writer at Core Security Technologies has discovered a serious vulnerability that exposes users of Microsoft's Virtual PC virtualization software to malicious hacker attacks. The vulnerability, which is unpatched, essentially allows an attacker to bypass several major security mitigations — DEP, SafeSEH and ASLR — to exploit the Windows operating system. As a result, some applications with bugs that are not exploitable when running in a not-virtualized operating system are rendered exploitable if running within a guest OS in Virtual PC

Read more: Slashdot

Posted via email from jasper22's posterous

0 comments: