[Am-info] MS Security flaw
John J. Urbaniak
jjurban@attglobal.net
Thu, 08 Aug 2002 09:56:57 -0400
"Eric M. Hopper" wrote:
> On Thu, 2002-08-08 at 05:44, John J. Urbaniak wrote:
> >
> > Is there any credibility to this?
>
> I am not a Windows guru. I've dealt some with the Windows API, but not
> really extensively. But, from what I know, this article is true.
> Certainly his broad description of the Windows event system is right on
> target, right down to the lack of authentication.
>
Well, his description of WM_TIMER, where if you pass a second parameter
that translates into a memory address, the system jumps to that address
and executes code, is most interesting to me.

I suspect this kind of coding lies at the heart of Microsoft's ability to
arbitrarily break non-MS apps, and to make MS apps perform better.

I suspect Microsoft makes extensive use of this capability in its own
apps. I suspect they have secret files of code which perform better than
the APIs they document for other developers. They obtain the addresses of
this code and pass the address using variables like this second parameter.

One of the greatest features of Java, IMO, was the elimination of
pointers. But Microsoft includes pointers in C#. I had wondered why they
were so insistent on including pointers.
I suspect this is the reason.

John