Submission + - Vista RC1 still vulnerable to pagefile attack
Tumbleweed writes: Joanna Rutkowska, of Blue Pill fame , writes in her blog that Vista RC1 (Build 5600, x64 edition) is still vulnerable to the pagefile attack she demonstrated at the SyScan conference nearly 2 months ago.
"As I described during my talk, it's just enough to... disable kernel mode memory paging. Surly, it would cause a little waste of memory, but according to some Microsoft engineers I spoke to, it would be only around 80MB. This seems very little these days, doesn't it?", she writes.
Well, no, 80MB is not 'very little' by my standards, but nevertheless, I don't see how this can be considered a 'Release Candidate' by anyone other than Microsoft, with such a high-profile vulnerability left in place.
"As I described during my talk, it's just enough to... disable kernel mode memory paging. Surly, it would cause a little waste of memory, but according to some Microsoft engineers I spoke to, it would be only around 80MB. This seems very little these days, doesn't it?", she writes.
Well, no, 80MB is not 'very little' by my standards, but nevertheless, I don't see how this can be considered a 'Release Candidate' by anyone other than Microsoft, with such a high-profile vulnerability left in place.
