Home > Hacking > Vista Hack



Researcher Reveals 2Step Vista UAC Hack

Sort Desciption:

Researcher Reveals 2Step Vista UAC Hack. The technique uses social engineering to trick the victim into downloading an innocentlooking file ...



Content Inside:

Researcher Reveals 2Step Vista UAC HackPage 1Researcher Reveals 2Step Vista UAC HackThe technique uses social engineering to trick the victim into downloading an innocentlooking filethat includes a Trojan horse attack. A Web application developer has uncovered a twostep process (PDF) for exploiting Windows Vista's UserAccount Control essentially by having a Trojan piggyback on what could be a legitimate download. Robert Paveza a senior Web application developer with Terralever a Webbased marketing companybased in Tempe Ariz. published details of the vulnerability in a paper titled "UserPrompted Elevation ofUnintended Code in Windows Vista." Paveza said in the paper that the vulnerability uses a twopart attack vector against a default Vistainstallation. The first step requires that malware called a proxy infection tool be downloaded and runwithout elevation. That software can behave as the victim expects it to while it sets up a second maliciouspayload in the background. "For instance if users believe they are downloading a 'PacMan' clone such a game could be run while themalicious software did its work in the background" Paveza said. He noted that the infection succeeds forall intents and purposes with the installation of the proxy infection tool. "This pattern of infection follows the typical Trojan horse model piggybacking on what may be otherwiselegitimate software" he said. News of the vulnerability first broke May 15. When eWEEK that day contacted Microsoft based inRedmond Wash. a spokesperson said the company is aware of demonstrations that "purport" to show howa Vista system can be attacked. But the spokesperson said the demonstration provided by Paveza is ofactions an attacker can take on a system that already has been compromised by another means. "With this in mind it is important to note that user interaction is required for the initial infection of theTrojan to occur" the spokesperson said. "The user ...

Source: www.physorg.com


add to Google Reader add to Google Bookmark add to bloglines add to newsgator add to FURL add to digg add to webnews add to Netscape add to Yahoo MyWeb add to spurl.net add to diigo Bookmark newsvine Bookmark del.icio.us Bookmark @ SIMPIFY Bookmark MISTER WONG Bookmark Linkarena Bookmark icio.de Bookmark oneview Bookmark folkd.com Bookmark yigg.de Bookmark reddit Bookmark StumbleUpon Bookmark Slashdot Bookmark blinklist Bookmark technorati add to blogmarks add to blinkbits add to ma.gnolia add to smarking.com add to netvouz add to co.mments add to Connotea add to de.lirio.us
Search Terms:

 

Related Files

Hack Windows Vista in Reduced Functionality Mode

Filed under: Hacking and Vista Hack
Hack Windows Vista in Reduced Functionality Mode. And rearm the operating system to prolong Initial Grace. Windows Vista will move into Reduced ...

Vista Hack Served Directly by Microsoft

Filed under: Hacking and Vista Hack
Vista Hack Served Directly by Microsoft. A hack? Yes. But is it illegal? No. With a combination of the slmgr.vbs rearm command and resetting the SkipRearm ...

Internet Explorer 7

Filed under: Hacking and Vista Hack
Windows Vista & IE7 Readiness Tour. Preparing for IE 7. Fixing BrokenW orkArounds. Most famous CSS Filter break: the Holly hack. * html {height:1%;} ...

Microsoft PowerPoint 02 Preparing Games for Windows Vista

Filed under: Hacking and Vista Hack
Preparing Games for. Windows Vista. Bruce Dawson. Programmer. Microsoft Game Technology Group ... Backwards compatibility 'hack'. Not performant ...

Vista DRM WrapUp and Announcing "SecurAble"

Filed under: Hacking and Vista Hack
up the topic of Vistas new deep and pervasive Digital Rights Management (DRM) .... Hack open source software and put it in your box. Just dont modify ...