• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Security hole found in DEP (XP SP2)

L

LocutusX

Diamond Member
Sorry if repost, searches did not reveal anything....

Major back door breach of Windows XP SP2 found

Russians claim to have entered Vole?s rear entrance

By Nick Farrell: Wednesday 02 February 2005, 07:49
A RUSSIAN security outfit claims to have worked a way around Microsoft's Windows XP Service Pack 2.

~snip~

But Positive Technology said that using the exploit it is possible to get arbitrary memory region write access (smaller or equal to 1016 bytes), Arbitrary code execution and a DEP bypass.
Click to expand...

http://theinquirer.net/?article=21038


~~~

As an AMD Athlon64 owner, running XP SP2 with DEP on "protect all" enabled -- am I more susceptible to this hole (theoretically speaking) than a P4 user who has DEP on default settings?
 
Details of the exploit

It sounds like this only affects 32-bit processors that rely on Microsoft's software-based DEP protection (although I could be mistaken, maybe I missed something in the article).

I wonder why the company waited 2 months to report this to Microsoft?
 
:yawn;

This is not a vulnerability or a security hole in XP/DEP. It just means that there is a possibility that if an application is written a certain way and contains a vulnerability that XP's software DEP wouldn?t be able to stop a buffer overflow from occurring were that vulnerability to be attacked.

Fact is XP SP2 is still far less likely to be vulnerable to buffer overflow attacks than it's predecessors because DEP can stop a lot of types of buffer overflows from occurring.
As an AMD Athlon64 owner, running XP SP2 with DEP on "protect all" enabled -- am I more susceptible to this hole (theoretically speaking) than a P4 user who has DEP on default settings?
Click to expand...
No not at all, as MrChad pointed out your're less susceptible.
 
Originally posted by: spyordie007

Fact is XP SP2 is still far less likely to be vulnerable to buffer overflow attacks than it's predecessors because DEP can stop a lot of types of buffer overflows from occurring.
As an AMD Athlon64 owner, running XP SP2 with DEP on "protect all" enabled -- am I more susceptible to this hole (theoretically speaking) than a P4 user who has DEP on default settings?
Click to expand...
No not at all, as MrChad pointed out your're less susceptible.
Click to expand...

How about us AMD XP users. Should we worry?
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top