“Antimalware provider Prevx has sounded the alarm about a serious vulnerability in fully patched versions of Microsoft Windows. It allows attackers to execute malware, even in versions designed to withstand such exploits.
Technical details have already been published on a Chinese forum, leading to speculation that it won’t be long before attackers exploit it in the wild.”
Here is some more Tech News from around the web:
- Sandy Bridge Pentium processors unveiled @ SemiAccurate
- 10G Ethernet: More Than a Big Pipe @ Anandtech
- Hands-on: Opera 11 tab stacking vs Firefox Panorama @ Ars Technica
- Casio Exilim EX-S7 Review @ TechReviewSource
Source: The Register
There has been a lovely little piece of code discovered that leverages a flaw in a portion of the Windows kernel, namely win32k.sys and the inability for the NtGdiEnableEUDC API to properly vet its input, allowing access to memory addresses in a privileged area. All this means that you will have yet another way for malware to attack you and not even UAC will help you defend against it. Drop by The Register for the gritty details.