Home > Software > Windows Vista



Analysis of the Windows Vista Security Model

Sort Desciption:

Windows Vista introduces a security feature User Account. Protection (UAP) which is also ... Windows Vista. This is not meant to imply that there are no ...



Content Inside:

Analysis of the Windows Vista Security Model Page 1SYMANTEC ADVANCED THREAT RESEARCH 1Analysis of the Windows Vista Security Model Matthew Conover Principal Security Researcher Symantec CorporationAbstractThis paper provides an indepth technicalassessment of the security improvements implemented inWindows Vista focusing primarily on the areas of User Account Protection and User Interface Privilege Isolation. This paper discusses these features and touches on several of their shortcomings. It then demonstrates how it is possible to combinethese attacks to gain full control over the machine from low integrity low privilege process. Index TermsComputer security Windows Vista Windows Resource Protection File Virtualization Registry VirtualizationIntegrity Level UAP LUA UIPI I. INTRODUCTIONindows Vista is a radical departure from priorversions of the Windows operating system. With its introduction enhancements have been made to virtually allaspects of the Windows security model. These changes should decrease the ease by which the operating system can becompromised.In this research Symantec researchers evaluated thesecurity of the Windows Vista February 2006 CTP build. During this research we discovered a number ofimplementation flaws that continued to allow a full machine compromise to occur. By exploiting these flaws a lowprivilege low integrity level process can bypass User AccountProtection and ultimately execute code at a high privilege high integrity level. Since the conclusion of our initial phase of research severalnew Windows Vista builds have been released. We recently reevaluated our findings on the publicly released Windows Vista Beta 2 build 5384 and observed certain exploit paths have been fixed. Where applicable we will indicate where our initial findings differ from the public Windows Vista Beta 2.Windows Vista is a work in progress and it should beexpected that security issues including those d ...

Source: www.symantec.com


add to Google Reader add to Google Bookmark add to bloglines add to newsgator add to FURL add to digg add to webnews add to Netscape add to Yahoo MyWeb add to spurl.net add to diigo Bookmark newsvine Bookmark del.icio.us Bookmark @ SIMPIFY Bookmark MISTER WONG Bookmark Linkarena Bookmark icio.de Bookmark oneview Bookmark folkd.com Bookmark yigg.de Bookmark reddit Bookmark StumbleUpon Bookmark Slashdot Bookmark blinklist Bookmark technorati add to blogmarks add to blinkbits add to ma.gnolia add to smarking.com add to netvouz add to co.mments add to Connotea add to de.lirio.us

 

Related Files

Windows Vista Quick Reference Guide

Filed under: Software and Windows Vista
Top 5 reasons why your customers should get genuine Windows Vista preinstalled: ... Only genuine Windows Vista provides an enhanced user experience with an ...

100 things you should know about Windows Vista

Filed under: Software and Windows Vista
The Windows Firewall in Vista defaults to a secure configuration, while still ... Vista's new Windows Service Hardening feature, so that if the firewall ...

SolutionBase: Take a look at the Windows Vista Firewall

Filed under: Software and Windows Vista
The Windows firewall in Vista has been a part of this ... The firewall included in Windows Vista is a far cry from Microsoft's earlier efforts to ...

Windows Vista Network Attack Surface Analysis

Filed under: Software and Windows Vista
Windows Vista congures Windows Firewall during installa- tion, and Windows Firewall is running on all Windows Vista. machines unless explicitly disabled. ...

Analysis of the Windows Vista Security Model

Filed under: Software and Windows Vista
Windows Vista introduces a security feature User Account. Protection (UAP) which is also ... Windows Vista. This is not meant to imply that there are no ...