Home page logo

bugtraq logo Bugtraq mailing list archives

Re: White paper: Exploiting the Win32 API.
From: Florian Weimer <Weimer () CERT Uni-Stuttgart DE>
Date: Tue, 06 Aug 2002 22:51:46 +0200

"John Howie" <JHowie () securitytoolkit com> writes:

This class of attack is not new, it has been discussed before. While you
can assert that the blame lies with Microsoft (and I'll admit they do
have some responsibility to address the problem you describe)

A bit of MSDN browsing revealed that Microsoft has already "fixed" the
vulnerabilites, despite the claim that this was impossible.  The
concepts are called "window stations" and "desktops", and there is
plenty of documentation.  Everything is there: separate sets of hooks,
separate message queues, and so on.

Maybe there are some flaws, but the overall design seems to be sound.

Florian Weimer                    Weimer () CERT Uni-Stuttgart DE
University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT                          fax +49-711-685-5898

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]