[Code-Crunchers] Joanna Rutkowska's blue pill and Vista RC2
Gadi Evron
ge at linuxbox.org
Sun Oct 22 05:16:26 CDT 2006
Joanna just published a blog entry on this issue, and how her PoC doesn't
work on the new Vista release.
Why, etc.
"It quickly turned out that our exploit doesn't work anymore! The
reason: Vista RC2 now blocks write-access to raw disk sectors for user
mode applications, even if they are executed with elevated administrative
rights."
http://theinvisiblethings.blogspot.com/2006/10/vista-rc2-vs-pagefile-attack-and-some.html
Gadi.
(Hat tip to Elaf Efrat)
More information about the Code-Crunchers
mailing list