Recent content by NTBugtraq

DCOM/RPC Vulnerabilities FAQ v4 (from summer 2003) http://www.ntbugtraq.com/default.aspx?sid=1&pid=47&aid=77 Alec, you've a minor problem with repeating yourself...;-] I haven't been trying to challenge your knowledge, only try to explain how you're talking about one thing, and I'm talking...

ActiveX and NT Security FWIW, here's an article I wrote on July 7, 1998, describing ActiveX, Sandboxes, and NT Security. http://www.ntbugtraq.com/default.aspx?sid=1&pid=47&aid=3 Cheers, Russ

MIC and much of PM is implemented to prevent certain problems: 1. An exploitable buffer overflow (BO) in, say, an IE module should not lead you to have system-wide Administrator/System privileges. You will be limited, even though you're operating outside of the paradigm of the process you've...

>ActiveX controls FWIW, an ActiveX control is merely an executable that happens to have registered entry points. That allows it to be hosted in another application. No version of IE has ever verified that an object being called *as an ActiveX control* is *actually an ActiveX control*. I can...

>Admittedly there wouldn't be any easy way to tell if you're genuine, so we'll have to assume you really are who you say you are! Actually, you can just go to the NTBugtraq home page (www.ntbugtraq.com) and either email me at the address listed there, or call my phone...;-] >VISTA & its...

Hey zekrahminator, no problems. I didn't mean to sound like I was offended or anything like it. It just happened that one of my co-workers asked me about the quote from CNet and I had forgotten giving it (hey, it was Christmas :ohwell: and I was on holidays when I spoke with Bob :toast: ) When I...

In response to Alec§taar's numerous responses...;-] >"In Windows Vista with Protected Mode… When the ActiveX concept was first publicly discussed (I was part of the Design Review a long time before it ever got public mention) there were raging debates over whether there should be some sort...

Well, I'll go out on a limb here and pick a number out of the air...;-] IMO, <5% of system compromises occurs because of buffer overflows. Heck, let's make that <1%! If I'm getting a bot or trojan, its likely that I double-clicked on an attachment. No need to overflow buffers if the victim...

No, I wasn't referring to you or anyone who had posted here, I was referring to the quote of Andrew Brust in the original PC World article. "Once Vista is being shipped by OEMs on all new PCs, we won't be debating why people should move," said Andrew Brust, chief of new technology with...

Vista Adoption Russ Cooper here. FWIW... >Driver support is buggy I never said that. Driver support isn't buggy, its non-existant. Either there is a Vista driver, or there isn't and the old one doesn't work. This is true for the vast majority of things, from VPN software to camera...