That catch comes in the form of an announcement from Core Technologies of a vulnerability in Microsoft’s Virtual PC which allows an attacker to bypass some of the security safeguards which would normally be in place if the system was running on bare metal.  (rather than as a guest OS, as well as some of the tools in place to protect Windows 7 such as DEP, ASLR and SafeSEH)  This means that older vulnerabilities which were not considered exploitable, as other protections were in place, have been given a new lease on life.

Microsoft’s response downplays the announcement.  Microsoft is not calling this a vulnerability, as it requires that there already be another vulnerability to exploit.  As such, they will not be releasing a patch for the flaw, but will instead be waiting until the next release or service pack for the Virtual PC product.

In response, Paul Cooke from Microsoft says, “An attacker can only exploit a vulnerable application running “inside” the guest virtual machine on Windows XP, rather than Windows 7!”.  The exclamation mark at the end of this sentence was bothersome.  It seems that they are missing something.  Obviously there have been enough people up in arms about compatibility issues with Windows 7 that Microsoft felt the need to relax the restrictions on XP mode to encourage migration to 7.  This also says that there are companies which have software doing very important things and that the software doesn’t like Windows 7, hence the need for XP mode to be used more widely.  It’s all well and good that the host Windows 7 box is fine, as the excited Microsoft response above states, but if the important stuff is in the Virtual PC then who cares about the host OS?

More coverage is available at Threatpost

Guest Interview: Peter Giannoulis of The Academy Pro

Metasploit Rising

http://blog.metasploit.com/2009/10/metasploit-rising.html

WordPress 2.8.5: Hardening Release
http://wordpress.org/development/2009/10/wordpress-2-8-5-hardening-release/

Blubrry PowerPress Podcasting Plugin for WordPress
http://www.blubrry.com/powerpress/

Time Warner Cable Exposes 65,000 Customer Routers to Remote Hacks http://www.wired.com/threatlevel/2009/10/time-warner-cable/

Google Voice voicemails appearing in public search results
http://www.engadget.com/2009/10/19/google-voice-voicemails-appearing-in-public-search-results/

TweetDeck
http://www.tweetdeck.com/beta/

Porn, CSS History Hacking, User Recon and Blackmail
http://ha.ckers.org/blog/20091021/porn-css-history-hacking-user-recon-and-blackmail/

Windows 7
http://www.microsoft.com/windows/

Magic Mouse
http://www.apple.com/magicmouse/

Quick Shell Script to Extract Contents
http://pinowudi.blogspot.com/2009/10/quick-shell-script-to-extract-contents.html

Join us in IRC at irc.freenode.net #securabit

Hosts:
Anthony Gartner – @anthonygartner
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Andrew Borel – @andrew_secbit

Guest:
Peter Giannoulis

Links:
The Academy Pro - http://www.theacademypro.com/
The Academy Home - http://www.theacademyhome.com/

Don’t forget to listen to the end of the show for the guest appearances by both Kermit the Frog and Sean Connery