[Techtalk] Shatter Attacks - How to break Windows
Carla Schroder
carla at bratgrrl.com
Tue Aug 6 22:46:00 EST 2002
anyone following Slashdot today?
http://security.tombom.co.uk/shatter.html
"This paper presents a new generation of attacks against Microsoft Windows,
and possibly other message-based windowing systems. The flaws presented in
this paper are, at the time of writing, unfixable. The only reliable solution
to these attacks requires functionality that is not present in Windows, as
well as efforts on the part of every single Windows software vendor.
Microsoft has known about these flaws for some time; when I alerted them to
this attack, their response was that they do not class it as a flaw - the
email can be found here . This research was sparked by comments made by
Microsoft VP Jim Allchin who stated, under oath, that there were flaws in
Windows so great that they would threaten national security if the Windows
source code were to be disclosed. He mentioned Message Queueing, and
immediately regretted it. However, given the quantity of research currently
taking place around the world after Mr Allchin's comments, it is about time
the white hat community saw what is actually possible.
"This paper is a step-by-step walkthrough of how to exploit one example of
this class of flaw. Several other attack methods are discussed, although
examples are not given. There are many ways to exploit these flaws, and many
variations on each of the stages presented. This is just one example."
More information about the Techtalk
mailing list