Click here for full text:
Close, Tyler; Karp, Alan H.; Stiegler, Marc
Keyword(s): Microsoft Windows security; Shatter attack
Abstract: The Shatter attack uses the Windows API to subvert processes running with greater privilege than the attack code. The author of the Shatter code has made strong claims about the difficulty of fixing the underlying problem, while Microsoft has, with one exception, claimed that the attack isn't a problem at all. Whether or not Shatter is indeed an exploit worth worrying about, it uses a feature of Windows that has other malicious uses, such as keystroke logging. This paper presents a means of defeating this entire family of attacks with minimal breaking of applications and effect on the look and feel of the user interface.
Back to Index