Comment: Shouldn't the OS prevent the worst of the damage? (Score 4, Interesting) 223

by overunder (#42628243) Attached to: Latest Java Update Broken; Two New Sandbox Bypass Flaws Found
I understand how a sandbox vulnerability could lead to malware being installed on the machine. But that malware still has to then exploit an OS-level security hole, right? The reports make it out that somehow the Java vulnerability allows complete takeover of the machine. So I'm confused why the Win7, OSX, etc. Access Control mechanism doesn't prevent the potential damage. Or is this specifically targeting users who, for example, are logged in as admin on a Win box and have explicit approval of system changes via ACL disabled?

