R
Roscoe
Should we be concerned about two more dangerous exploits/security flaws
uncovered by “Long” and “Zheng” (two Swedish security experts using these
names to hide their identity from Microsoft)?:
"The first exploit is a bug inside the keyboard and mouse subsystem which
enables the targeted system to be hijacked and maliciously delete files,
folders, music, torrents and other important sounding stuff without the user’s
authorization or control.
Details of how such an exploit works are sketchy, but leaked documents
reveal the keyboard and mouse APIs offers unprecedented amount of control
over an operating system, allowing anyone and everyone to have full access
to your computer with or without your authorization. This exploit allows
anyone ranging from younger siblings to gang leaders who could use brute
force, such as a punch or tickle, to gain access to your keyboard and mouse
cursors and perform malicious activities such as browsing The Inquirer or
deleting vital fraudulent financial documents.
A second exploit highlights a serious flaw inside the popular
Windows-platform development tool, Visual Studio. An undocumented feature
inside this software is said to enable the ability for malicious users to
compile and execute unsigned and potentially damaging source code. If users
somehow come across malicious source code and decide to copy, paste, compile
and execute within Visual Studio, the resulting application could change
wallpapers, block access to YouTube, increase the volume and other serious
irreversible damages to the computer system."
uncovered by “Long” and “Zheng” (two Swedish security experts using these
names to hide their identity from Microsoft)?:
"The first exploit is a bug inside the keyboard and mouse subsystem which
enables the targeted system to be hijacked and maliciously delete files,
folders, music, torrents and other important sounding stuff without the user’s
authorization or control.
Details of how such an exploit works are sketchy, but leaked documents
reveal the keyboard and mouse APIs offers unprecedented amount of control
over an operating system, allowing anyone and everyone to have full access
to your computer with or without your authorization. This exploit allows
anyone ranging from younger siblings to gang leaders who could use brute
force, such as a punch or tickle, to gain access to your keyboard and mouse
cursors and perform malicious activities such as browsing The Inquirer or
deleting vital fraudulent financial documents.
A second exploit highlights a serious flaw inside the popular
Windows-platform development tool, Visual Studio. An undocumented feature
inside this software is said to enable the ability for malicious users to
compile and execute unsigned and potentially damaging source code. If users
somehow come across malicious source code and decide to copy, paste, compile
and execute within Visual Studio, the resulting application could change
wallpapers, block access to YouTube, increase the volume and other serious
irreversible damages to the computer system."