What Dowd and Sotirov did was figure out how to defeat Vista's post-exploit runtime security measures in IE only. They can exploit .NET DLL controls to build reliable exploits, even though the Vista runtime goes to a great deal of trouble to make reliable exploits hard to write.
For this research to come into play, you have to already have a memory corruption vulnerability in IE.
Great talk? Absolutely. One of the best of the show.
Important finding? Absolutely. IE is a top 5 attacker target.
A blow to Vista's standing relative to other OS's? Doubtful. Nobody has a good answer to this problem. If attackers can control memory in your process, they're going to win.