Just like the *real* Avril

So good looking on the outside - a dangerous piece of code on the inside.

http://news.bbc.co.uk/2/hi/technology/3661678.stm

[cavalierlwt]

WTF? How does Windows work, under the hood that is?
I'm obviously no hacker, but I consider myself a fair programmer, or at least I was at one time. I have a rudimentary understanding of the Windows OS. I can't figure out how the hell Windows works so that a buffer overun would cause a hacker to be able to take control of your machine. Anyone know how this type of thing works--in simple terms?
What the hell does Windows do, attempt to 'run' any data that overflows a buffer??

Easy way around this, Don't use Internet Exploder! I use opera which is not vulnerable to this problem, as well as probably mozzila, and firefox.

[SavageParrot]

Macs rule!

[Chacal]

Originally posted by cavalierlwt
Anyone know how this type of thing works

Yes.

--in simple terms?

No.



Anyway, t's not a vulnerability that's specific to Windows. Most programs have them. But Windows has a LOT of them.

[amnion]

any data that overflows can be crafted to execute with the privilege level of the program that was compromised, leading to an attack executing arbitrary code, can lead to the box being compromised totally...
OpenBSD and some other OS's make this harder to do...

[cavalierlwt]

Yeah, I understand the concept of privilege levels and windows lack of them. The thing that throws me is is the overflow resulting in the some code getting executed. When I think of overflows, I think of data maybe getting written to memory that should be protected, outside of reserved memory etc. This usually causes a program, perhaps the OS itself, to lock up. I'm just trying to figure out the logic of the OS looking at a buffer overflow, then attempting to 'run' the overflowing data as though it were an executable.