Posts Tagged ‘Positive Research’

Intel SMEPAccording to the research center of “Positive Research”, found a vulnerability in the RTM-version of Microsoft Windows 8. In the security analysis of the new OS has been found the ability to bypass security technologies Intel SMEP.

This class of vulnerabilities is considered the most dangerous, because the successful operation of the kernel-mode attacker gains complete control of the target system, without limitation security OS.

As it turned out, the incorrect configuration of x86 versions of Windows 8 attacker can bypass security restrictions Intel SMEP, using the weaknesses of protection in 32-bit versions of Windows 8 and information about the address space of the operating system. Implementing support for SMEP in x64-version of Windows 8 is more secure, but it is now too fragile. The experts of the Research Center “Positive Research” demonstrated bypass protection in the OS environment using an approach known as “back-Oriented Programming” (return-oriented programming, ROP). (more…)