- 2x1 Microsoft Bugs: 'Virtual PC hyper-hole-visor' + 'Windows Creation Vulnerability (MS10-048)'
- Nicolás Economou
- Ekoparty 2010
- Date published
- virtual pc, createwindow, exploit writing, bug, ekoparty
This talk will show you how this bug weakens Microsoft Windows security mechanisms when it is running into Virtual PC. Until now, the bug hasn't been fixed and Microsoft hasn't set a fix date.
On Tuesday June 8th 2010, Microsoft fixed a bug (MS10-032) in the "xxxCreateWindowEx" kernel function, but they forgot something... This talk will show you how MS10-032 was converted on MS10-048 and how it was exploited.