<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Vulnerability Development: Next generation malware: Windows Vista's gadget API

Next generation malware: Windows Vista's gadget API

From: Tim Brown <tmb_at_65535.com>
Date: Thu, 13 Sep 2007 10:16:37 +0100

A paper has just been released on the Windows Vista's gadget API. The
abstract is as follows:

Windows has had the ability to embed HTML into it’s user interface for many
years. Right back to and including Windows NT 4.0, it has been possible to
embed HTML into the task bar, but the OS has always maintained a sandbox,
from which the HTML has been unable to escape. All this changes with Windows
Vista. This paper seeks to inform system administrators, users and the
wider community on both potential attack vectors using gadgets and the
mitigations provided by Windows Vista.

The full paper can be found at http://www.portcullis-security.com/165.php.

Cheers,
Tim

-- 
Tim Brown
<mailto:tmb_at_65535.com>

Received on Sep 14 2007

This message: [ Message body ]
Next message: Roger A. Grimes: "RE: Next generation malware: Windows Vista's gadget API"
Previous message: nnp: "Re: where I can find "FUZZ" resource??"
Next in thread: Roger A. Grimes: "RE: Next generation malware: Windows Vista's gadget API"
Reply: Roger A. Grimes: "RE: Next generation malware: Windows Vista's gadget API"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos