Commentary
Hacker Cracks Internet Explorer 8 on Windows 7
Despite the security measures included in Windows 7, two security researchers were able to defeat the security provided to users running Internet Explorer 8 on top of Microsoft's latest operating system.Despite the security measures included in Windows 7, two security researchers were able to defeat the security provided to users running Internet Explorer 8 on top of Microsoft's latest operating system.The researchers managed to surf their way through Windows 7's Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) anti-hacking defenses on a completely up-to-date and fully patched 64-bit version of Windows 7 running IE8.
If you find that news sobering, consider how (relatively) quickly the Dutch hacker, Peter Vreugdenhil, was able to develop a working exploit. From Ryan Naraine at the Threatpost blog:
"I started with a bypass for ALSR which gave me the base address for one of the modules loaded into IE. I used that knowledge to do the DEP bypass," he added.
More Security Insights
White Papers
More >>
- The BlackBerry PlayBook tablet's Good Bones - by BlackBerry
- New Visual and Wizard-Driven Paradigms for Exploring Data and Developing Analytic Workflows
Reports
More >>Webcasts
More >>
- Outsourcing Security: What Every Potential Cloud Security Customer Should Know
- Maximize ROI with Database Consolidation onto Private Clouds
Vreugdenhil, who won a $10,000 cash prize and a new Windows machine, said he uses fuzzing techniques to find software vulnerabilities. "I specifically looking through my fuzzing logs for a bug like this because I could use it to do the ASLR bypass, he said.
After finding the IE 8 vulnerability, Vreugdenhil said it took about two weeks to write an exploit to get around the ASLR+DEP mitigations.
"Fuzzing" techniques include using tools that throw random data (essentially junk) at software inputs to see what happens.
Vreugdenhil published a brief paper [.PDF] explaining how he bypassed both ASLR and DEP.
The demonstration took place at the CanSecWest Vancouver security conference, underway now. It's part of a contest funded by intrusion-prevention provider Tipping Point. More than $100,000 in prizes are earmarked for hackers who can break into leading Internet browsers and mobile platforms for the iPhone, Blackberry, Symbian, and Andriod.
IE 8 running on Windows 7 wasn't the only browser to fall at the conference so far. The iPhone, Safari, and Mozilla Firefox also fell to exploits designed to take advantage of zero-day vulnerabilities in all of those systems.
For my security and technology observations throughout the day, consider following me on Twitter.
Related Reading
 |
To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy. |
|
T-Shirt Giveaway: Each week we're selecting one great comment from our readers. The author of the comment will receive an InformaitonWeek Community t-shirt. So get posting! |
Subscribe to RSSResource Links
This Week's Issue
Technology Whitepapers
- Mobile BI: Actionable Intelligence for the Agile Enterprise
- Creating the Enterprise-Class Tablet Environment - by Yankee Group
- How To Regain IT Control In An Increasingly Mobile World - by BlackBerry
- The BlackBerry PlayBook tablet's Good Bones - by BlackBerry
- New Visual and Wizard-Driven Paradigms for Exploring Data and Developing Analytic Workflows
Featured Resource
This is your portal to all the news, product information, technical data, and other information related to the topic of computer user authentication and certification. Visit us to find out how to ensure that computer users are who they say they are.
Learn More
