Friday, August 08, 2008

You pretty much knew...

...that it would happen eventually:

Vista security gutted by new web exploit
The malicious code not only negates the effectiveness of Vista's Address Space Layout Randomization and Data Execution Prevention technologies, which respectively randomize the location of some code in memory and prevent executing code from outside a certain memory space, but specifically abuses their behavior to ensure an attack gets through.

Update: A rebuttal (basically "Well, sure, but Vista's still better than XP.")

No comments: