Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16634
HistoryApr 09, 2007 - 12:00 a.m.

[Full-disclosure] Vista Protected Processes Bypassed

2007-04-0900:00:00
vulners.com
11

From: CowboyNeal
Posted At: Saturday, April 07, 2007 11:41 AM
Posted To: Technology
Conversation: Slashdot
Subject: Vista Protected Processes Bypassed

Anonymous Hero writes "Security Researcher Alex Ionescu strikes again, this
time with a proof of concept program that will arbitrarily enable and
foremost disable the protection of so-called 'protected processes' in
Windows Vista. Not only threatening Vista DRM and friends, it's also another
step towards hardened and even more annoying malware. Normally, only
specially signed processes made by special companies (decided by Microsoft)
can be protected, but now the bad guys can protect any evil process they
want, including the latest version of their own keylogger, spambot, or worm,
as well as unprotect any 'good' one."

http://rss.slashdot.org/~r/Slashdot/slashdot/~3/107345575/article.pl

_______________________________–

I am beginning to believe that Vista will be the avenue that catapults
malware writers way ahead of the rest of us. When you "wrestle" with a
better opponent you gain strength and ability.