Joanna Rutkowska’s blue pill and Vista RC2

joanna just published a blog entry on this issue, and how her poc doesn’t work on the new vista release.

why, etc.

“it quickly turned out that our exploit doesn’t work anymore! the
reason: vista rc2 now blocks write-access to raw disk sectors for user
mode applications, even if they are executed with elevated administrative
rights.”

http://theinvisiblethings.blogspot.com/2006/10/vista-rc2-vs-pagefile-attack-and-some.html

sunshine.

(hat tip to elad efrat)

Share