[NUGA] Re: Windows Vista security 'rendered useless' by researchers

From: David Monroe <david.monroe@ctg.com>
Date: Fri Aug 08 2008 - 13:53:37 AKDT

At first, I wondered the same thing. I reread it again and saw this
line that tells me it is specific to Vista and Server 2008.
 
"The attacks themselves are not based on any new vulnerabilities in IE
or Vista, but instead take advantage of Vista's fundamental architecture
and the ways in which Microsoft chose to protect it."
 
Dave

________________________________

From: Jerry Tibor [mailto:anjft@uaa.alaska.edu]
Sent: Friday, August 08, 2008 1:34 PM
To: David Monroe; nuga@lib.uaa.alaska.edu
Subject: RE: [NUGA] Windows Vista security 'rendered useless' by
researchers

David,

 

An excellent heads-up. Thanks!

 

I read the article but I was unable to determine if it sounded like
these would only work in Vista and 2008, or if they would work with any
flavor of Windows where Internet Explorer uses Java, ActiveX controls,
and .NET objects. Were you able to tell?

 

Jerry

  

--
 
Jerry Tibor, MVP
LAN Manager
Electronic Student Services
University of Alaska Anchorage
 
anjft@uaa.alaska.edu
(907) 786-4734 - voice
(907) 786-4888 - fax
 
  <https://mvp.support.microsoft.com/profile/Jerry.Tibor> 
 
From: nuga-bounce@lib.uaa.alaska.edu
[mailto:nuga-bounce@lib.uaa.alaska.edu] On Behalf Of David Monroe
Sent: Friday, August 08, 2008 12:57 PM
To: nuga@lib.uaa.alaska.edu
Subject: [NUGA] Windows Vista security 'rendered useless' by researchers
 
A decent reason to stay away from Vista and Serer 2008.  
 
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1324
395,00.html
 
 
MSFT's wait and see method isn't too reassuring
 
Microsoft officials have not responded to Dowd's and Sotirov's findings,
but Mike Reavey, group manager of the Microsoft Security Response
Center, said Wednesday that the company is aware of the research and is
interested to see it once it becomes public.
 
The information transmitted is intended only for the person or entity to
which
it is addressed and may contain confidential and/or privileged material.
Any
review, retransmission, dissemination or other use of, or taking of any
action
in reliance upon, this information by persons or entities other than the
intended recipient is prohibited. If you received this in error, please
contact
the sender and delete the material from this computer.

---------
To unsubscribe, send email to <nuga-request@lib.uaa.alaska.edu>
with 'unsubscribe' in the message body. To manage your subscription,
follow the directions at https://www.lib.uaa.alaska.edu/cgi-bin/lists.cgi

image001.gif
Received on Fri Aug 8 13:53:58 2008

This archive was generated by hypermail 2.1.8 : Fri Aug 08 2008 - 13:53:59 AKDT