By Jakob Engblom
article at Ars Technica describes yet another security flaw in
Windows. Nothing much new in that respect, but this is indeed an
interesting attack in that it is enabled by using multicore hardware. It
is not practical on a single processor, demonstrating once again how
multicore is fundamentally different from multitasking on a single
The attack targets software that hooks Windows kernel code to do
additional work, such as anti-virus software.
The idea is to get bad data into a hooked system call, by replacing
input data after it has been validated by the hook but before it gets
consumed by the kernel.