Nytro Posted November 2, 2012 Report Posted November 2, 2012 [h=1]Government hackers develop Windows 8 exploit – already[/h]31 October 2012 [h=2]Less than a week after Microsoft took the wraps off of its shiny new operating system for revolutionizing the PC world, Windows 8, hackers have developed an exploit.[/h] French firm Vupen, which works with government agencies to develop and thwart hacking techniques, has already developed a Windows 8 exploit for taking over machines running Internet Explorer 10. “We welcome #Windows 8 with various 0Ds combined to pwn all new Win8/IE10 exploit mitigations,” Vupen’s chief executive Chaouki Bekrar wrote on Twitter on Tuesday, employing hacker slang to squeeze it into 140 characters.Bekrar has been boasting for weeks that his firm would compromise the new OS: “Windows 8 will be officially released by MS on Oct 26th, we’ll release to customers the 1st exploit for Win8 the same day #CoordinatedPwnage,” he tweeted earlier in the month.Microsoft’s Windows 8 contains a slew of new security features, including a default anti-malware application called Windows Defender and a security measure known as Address Space Layout Randomization, which randomizes the location of programs’ executable commands within the memory in order to better evade exploits. Also, the latest version of Internet Explorer uses a “sandbox” mode to bog down hackers trying to attack a system through the browser.However, clearly the OS is not impervious. And, in fact, at the Black Hat security conference this summer, white hat hackers ran through several theoretical exploits for Windows 8, taking into account the new security measures."The Windows 8 kernel is not fundamentally changing any of the algorithms" used in Windows 7, he said. "It's more of a hardened version of Windows 7 … [in that] you don't have any significant structur[al] changes, but you have a lot more checks," said Tarjei Mandt, a senior vulnerability researcher with information security consultancy Azimuth Security.As for Microsoft, the software giant was not alerted to the vulnerabilities by Vupen, which sells its hacks and information to government agencies for a profit. “We saw [Vupen's] tweet, but further details have not been shared with us,” Microsoft’s director of Trustworthy Computing Dave Forstrom told Forbes. “We continue to encourage researchers to participate in Microsoft’s Coordinated Vulnerability Disclosure program to help ensure our customers’ protection.”Sursa: Infosecurity - Government hackers develop Windows 8 exploit – already Quote
me.mello Posted November 5, 2012 Report Posted November 5, 2012 Pentru asta exista AEX pe domain controller.Oricum e trist sa auzi asa ceva, si ganditi-va ca asta poate este public dar majoritatea nu sunt, tin minte ca in trecut a fost injectat malware chiar in windows update.Probleme de genul asta vor exista atat timp cat IE va face parte din sistemul de operare fie el sandboxed, nu e foarte dificil odata ce ai acces la el sa migrezi oriunde in memorie sau chiar in filesystem un mallware, deja egghunter ramane in urma si vin tot felul de tehnici noi odata cu timpul si tehnologia software oferita chiar de MS si asta ma refer la Framework...nu ca Java ar fi mai stabil la capitolul securitate.Toata chestia se trage de la OS in sine, atat timp cat au bagat in oala cu win32 api, .Net framework, nu pare a fi prea stabil cand le combini intre ele, desi pare destul de securizat tot vor fi unmanaged calls care nu pot fi controlate in totalitate de nici un programator cu niste cunostinte modeste in domeniu, avand in vedere situatia in care suntem si anume tot mai multe tipuri de mallware la fiecare luna.Numai zic nimic de Java, MS in momentul asta nu ofera absolut nici un fel de securitate la capitolul asta, ei lasa asta in baza celor de la Java sa se ocupe de asta, insa ei o fac la general si la nevoie, cand defapt MS ar trebui sa investigheze amanuntit cum ar putea influenta Java sistemul de operare, pana la urma ei stiu cel mai bine cum sa-si "aranjeze lucrurile in propriul birou".Chestia nasoala e ca nimeni nu e invatat la general si anume Windows Internals, win32 + .net framework(si nu ma refer neaparat la programare) si cum pot influenta anumite functii sistemul de operare, majoritatea invata securitatea pulii in speranta ca pe viitor daca vei avea parte de aceleasi probleme vei sti sa le rezolvi, cand defapt, chestiile noi trec pe langa tine si nu poti tine pasul cu ele.Si ca sa termin cu palavragitul, ca tot veni vorba mai sus de windwos update aveti grija in ce AV aveti incredere si zic asta pentru ca am avut prilejul prin firma la care lucrez sa fac un test cu niste studenti din rusia la un asa zis mallware care odata infectat schimba targetul din update manager exact la fel cum faci pe domain controller la Hyper-v in sccm, astfel victima poate primi automat orice "pachet" de la atacator,un pachet este defapt un installer creat si distribuit de atacator(chiar pentru fiecare tinta in parte), poate fi firefox, poate fi un mallware care update managerul il vede ca pe un update de la windows update center.Ca sa va faceti o idee :http://www.youtube.com/watch?v=NHrS1-_dMXk 1 Quote
