[ros-dev] [ros-diffs] [gadamopoulos] 51115: [ntoskrnl] - Implement calling OkayToCloseProcedure callouts to win32k for desktop and window station objects - Fix a bug that caused ObpCloseHandle to return success even whe...
jimtabor.rosdev at gmail.com
Thu Mar 31 00:23:40 UTC 2011
http://www.alex-ionescu.com/ Main Blog,
http://www.alex-ionescu.com/?p=61 Black Hat 2008 Wrap-up <------- here
http://www.alex-ionescu.com/BH08-AlexIonescu.pdf <------------------ read
I would like everyone (new Developers) that haven't read this blog to
do so and get up to date!
I'm not sure if M$ fixed their issues, it may not be Server 2003 but
at least 2008 plus or 7.
ps I have the right to use M$ since 1983........
On Tue, Mar 22, 2011 at 9:19 AM, Alex Ionescu <ionucu at videotron.ca> wrote:
> It's hilarious how this new code has the exact same Windows security bug I gave a talk about at BlackHat 2-3 years ago (which Microsoft fixed in Vista).
> It's sad how this code ignores the exported PsSetProcessWindowStation API and relevant EPROCESS field.
> It's awesome how nothing changes whenever I prop up to see the "progress".
> Best regards,
> Alex Ionescu
More information about the Ros-dev