User Interface Privilege Isolation
User Interface Privilege Isolation (UIPI) is a technology introduced in Windows Vista and Windows Server 2008 to combat shatter attack exploits. By making use of Mandatory Integrity Control, it prevents processes with a lower "integrity level" (IL) from sending messages to higher IL processes (except for a very specific set of UI messages). Window messages are designed to communicate user action to processes. However, they can be used to run arbitrary code in the receiving process' context. This could be used by a malicious low-privilege processes to run arbitrary code in the context of a higher-privilege process, which constitutes an unauthorized privilege escalation. By restricting the ability of lower-privileged processes to send window messages to higher-privileged processes, UIPI can mitigate these kinds of attacks. UIPI, and Mandatory Integrity Control more generally, is a security feature but not a security ''boundary''. Microsoft Office 2010 Microsoft Office 2010 (c ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Windows Vista
Windows Vista is a major release of the Windows NT operating system developed by Microsoft. It was the direct successor to Windows XP, which was released five years before, at the time being the longest time span between successive releases of Microsoft Windows desktop operating systems. Software release life cycle#Release to manufacturing (RTM), Development was completed on November 8, 2006, and over the following three months, it was released in stages to computer hardware and software manufacturers, business customers and retail channels. On January 30, 2007, it was released internationally and was made available for purchase and download from the Windows Marketplace; it is the first release of Windows to be made available through a digital distribution platform. Features new to Windows Vista, New features of Windows Vista include an updated graphical user interface and Skin (computing), visual style dubbed Windows Aero, Aero, a new search component called Windows Search, red ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Windows Server 2008
Windows Server 2008 is the fourth release of the Windows Server operating system produced by Microsoft as part of the Windows NT family of the operating systems. It was released to manufacturing on February 4, 2008, and generally to retail on February 27, 2008. Derived from Windows Vista, Windows Server 2008 is the successor of Windows Server 2003 R2 and the predecessor to Windows Server 2008 R2. On January 12, 2016, Microsoft ended support for all Internet Explorer versions older than Internet Explorer 11 released in 2013 for Windows 7. Extended support for Windows Server 2008 ended on January 14, 2020. Extended Security Updates (ESU) updates last until January 10, 2023 (January 9, 2024 for Azure customers). Windows Server 2008 is the final version which supports IA-32-based processors (also known as 32-bit processors). Its successor, Windows Server 2008 R2, requires a 64-bit processor in any supported architecture (x86-64 for x86 and Itanium). History Microsoft had releas ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Shatter Attack
In computing, a shatter attack is a programming technique employed by hackers on Microsoft Windows operating systems to bypass security restrictions between processes in a session. A shatter attack takes advantage of a design flaw in Windows's message-passing system whereby arbitrary code could be injected into any other running application or service in the same session, that makes use of a message loop. This could result in a privilege escalation exploit. Overview Shatter attacks became a topic of intense conversation in the security community in August 2002 after the publication of Chris Paget's paper "Exploiting design flaws in the Win32 API for privilege escalation". The paper, which coined the term "shatter attack", explained the process by which an application could execute arbitrary code in another application. This could occur because Windows allows unprivileged applications to send messages to message loops of higher-privileged application - and some messages can have ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Mandatory Integrity Control
Mandatory Integrity Control (MIC) is a core security feature of Windows Vista and later that adds mandatory access control to running processes based on their Integrity Level (IL). The IL represents the level of trustworthiness of an object. This mechanism's goal is to restrict the access permissions for potentially less trustworthy contexts (processes, files, and other securable objects), compared with other contexts running under the same user account that are more trusted. Implementation Mandatory Integrity Control is defined using a new access control entry (ACE) type to represent the object's IL in its security descriptor. In Windows, Access Control Lists (ACLs) are used to grant access rights (read, write, and execute permissions) and privileges to users or groups. An IL is assigned to a subject's access token when initialized. When the subject tries to access an object (for example, a file), the Security Reference Monitor compares the integrity level in the subject's acce ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Microsoft
Microsoft Corporation is an American multinational technology corporation producing computer software, consumer electronics, personal computers, and related services headquartered at the Microsoft Redmond campus located in Redmond, Washington, United States. Its best-known software products are the Windows line of operating systems, the Microsoft Office suite, and the Internet Explorer and Edge web browsers. Its flagship hardware products are the Xbox video game consoles and the Microsoft Surface lineup of touchscreen personal computers. Microsoft ranked No. 21 in the 2020 Fortune 500 rankings of the largest United States corporations by total revenue; it was the world's largest software maker by revenue as of 2019. It is one of the Big Five American information technology companies, alongside Alphabet, Amazon, Apple, and Meta. Microsoft was founded by Bill Gates and Paul Allen on April 4, 1975, to develop and sell BASIC interpreters for the Altair 8800. It rose to do ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Arbitrary Code Execution
In computer security, arbitrary code execution (ACE) is an attacker's ability to run any commands or code of the attacker's choice on a target machine or in a target process. An arbitrary code execution vulnerability is a security flaw in software or hardware allowing arbitrary code execution. A program that is designed to exploit such a vulnerability is called an arbitrary code execution exploit. The ability to trigger arbitrary code execution over a network (especially via a wide-area network such as the Internet) is often referred to as remote code execution (RCE). Vulnerability types There are a number of classes of vulnerability that can lead to an attacker's ability to execute arbitrary commands or code. For example: * Memory safety vulnerabilities such as buffer overflows or over-reads. * Deserialization vulnerabilities * Type confusion vulnerabilities * GNU LDD arbitrary code execution Methods Arbitrary code execution is commonly achieved through control over th ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Privilege Escalation
Privilege escalation is the act of exploiting a bug, a design flaw, or a configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. The result is that an application with more privileges than intended by the application developer or system administrator can perform unauthorized actions. Background Most computer systems are designed for use with multiple user accounts, each of which has abilities known as privileges. Common privileges include viewing and editing files or modifying system files. Privilege escalation means users receive privileges they are not entitled to. These privileges can be used to delete files, view private information, or install unwanted programs such as viruses. It usually occurs when a system has a bug that allows security to be bypassed or, alternatively, has flawed design assumptions about how it will be used. Privilege escalation occurs in two ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Microsoft Office 2010
Microsoft Office 2010 (codenamed Office 14) is a version of Microsoft Office for Microsoft Windows unveiled by Microsoft on May 15, 2009, and released to manufacturing on April 15, 2010, with general availability on June 15, 2010, as the successor to Office 2007 and the predecessor to Office 2013. The macOS equivalent, Microsoft Office 2011 for Mac was released on October 26, 2010. Office 2010 introduces user interface enhancements including a Backstage view that consolidates document management tasks into a single location. The ribbon introduced in Office 2007 for Access, Excel, Outlook, PowerPoint, and Word is the primary user interface for all applications in Office 2010 and is now customizable. Collaborative editing features that enable multiple users to share and edit documents; extended file format support; integration with OneDrive and SharePoint; and security improvements such as Protected View, a sandbox to protect users from malicious content are among its other new ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Sandbox (computer Security)
In computer security, a sandbox is a security mechanism for separating running programs, usually in an effort to mitigate system failures and/or software vulnerabilities from spreading. The isolation metaphor is taken from the idea of children who do not play well together, so each is given their own sandbox to play in alone. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as storage and memory scratch space. Network access, the ability to inspect the host system, or read from input devices are usually disallowed or heavily restricted. In the sense of providing a highly controlled environment, sandboxes may be seen as a specific example of virtualization. Sandboxing is frequently used to test unverified programs th ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Microsoft TechNet
Microsoft TechNet was a Microsoft web portal and web service for IT professionals. It included a library containing documentation and technical resources for Microsoft products, a learning center which provides online training, discussion forums, an evaluation center for downloading trialware, blogs for Microsoft employees and a wiki. TechNet originally provided a software subscription service similar to Office 365 and Adobe Creative Cloud that allowed subscribers to download Microsoft software under a software as service license for private use. On July 1, 2013, it was announced that Microsoft is discontinuing the TechNet subscription service, with the purchase and renewal of subscriptions to be closed by August 31, 2013. TechNet also included a web-based ''TechNet Magazine'' which is discontinued since October 2013. Past issues are still available for reading. As of January 2020, TechNet now redirects to Microsoft Docs. Websites TechNet's primary web presence is a collect ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |