__/ [ nessuno@xxxxxxxxxxxxxxxxxxx ] on Sunday 29 April 2007 19:58 \__
> On Apr 28, 8:52 pm, Roy Schestowitz <newsgro...@xxxxxxxxxxxxxxx>
> wrote:
>> Experts warn of .doc attacks
>>
>> ,----[ Quote
>> | When the document is opened it crashes the system and the malware
>> | is automatically loaded when the computer reboots.
>> `----
>
> OK, I'm not a Windows user, but how in the world does an *application*
> crash the *OS*? That can only happen if the OS has a bug in its vital
> parts. This must mean a crash of the OS, not just the app, otherwise
> why does the computer reboot?
>
> And does the malware have root privileges when it is loaded upon
> reboot?
Local privilege escalation was one of the first bugs discovered in Vista
(eEye used error prompts to achieve this, AFAIK), so apparently the fact
that 'root' got incuded as an 'addon' to Windows, rather than something
that's embedded design at the start, leads to user accounts being a bendable
notion. It is still surprising that the action of viewing a document can
invoke actions that go /outside/ the particular application.
--
~~ Best regards
Roy S. Schestowitz | Windows: backward-compatible, even for viruses
http://Schestowitz.com | RHAT Linux | PGP-Key: 0x74572E8E
11:05pm up 1 day 7:20, 3 users, load average: 0.59, 0.87, 0.75
http://iuron.com - Open Source knowledge engine project
|
|
