Security Bytes

Aug 6 2008   10:56AM GMT

Dowd and Sotirov’s Vista exploit talk is the talk of the town

David Schneier David Schneier Profile: David Schneier

The Black Hat briefings haven’t even officially started yet, but there is already some serious buzz surrounding Thursday’s talk on browser exploits by Mark Dowd and Alexander Sotirov. The pair have been giving some people in the security community an early look at their paper, and the word is that there is some pretty impressive/scary work in it. The talk centers around the protection mechanisms in Windows Vista and ways in which attackers can bypass them, specifically through browser-based exploits. I talked to several people yesterday who have seen the paper and the consensus seems to be that Dowd and Sotirov have made a major advance. There’s a nice piece of irony in the scheduling of the Dowd and Sotirov talk tomorrow: It is directly opposite a talk by several Microsoft executives on the company’s new vulnerability-sharing program and other new offerings. My guess is that it will be standing room only for Dowd and Sotirov.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: