Whitehats pierce giant hole in Microsoft security shield
http://www.theregister.co.uk/2011/04/18/windows_heap_exploit_shield_pierced/

By Dan Goodin in San Francisco
The Register
18th April 2011

In late December, Microsoft researchers responding to publicly posted attack code that exploited a vulnerability in the FTP service of IIS told users it wasn't much of a threat because the worst it probably could do was crash the application.

Thanks at least in part to security mitigations added to recent operating systems, attackers targeting the heap-overrun flaw had no way to control data that got overwritten in memory, IIS Security Program Manager Nazim Lala blogged. It was another victory for Microsoft's defense-in-depth approach to code development, which aims to make exploitation harder by adding multiple security layers.

However, it turned out that wasn't the case. White-hat hackers Chris Valasek and Ryan Smith of security firm Accuvant Labs soon posted screenshots showing they had no trouble accessing parts of memory in the targeted machine that the protection, known as heap exploitation mitigation, should have made off limits. With that hurdle cleared, they had shown the IIS zero-day bug was much more serious than Microsoft's initial analysis had let on.

"The point was proven that you could actually start to execute code, as opposed to them saying: 'Don't worry about it. It can only crash your server'," Valasek, who is a senior research scientist for Accuvant, told The Register.

[...]