Quote:
Originally posted by jaguar
Interesting, but it requires access of some sort, so its not going to worry me. .
|
Right...nobody ever got hostile code running on their Windows machine without a black-bag job. *Not*!
The problem here is that *any* hostile code can privilege-escalate to any level owned by any window on the desktop...visible or not. As a side note, it can manipulate any window present on the desktop too.
I like the passagne in the "response" from MSFT:
<blockquote><i>
In our essay, the "Ten Immutable Laws of Security", these are Law #1-- "If a bad guy can persuade you to run his program on your computer, it's not your computer anymore..."
</i></blockquote>
That would apply to the new EULA for XP SP1 too, I guess.
It's Bill's computer, now. :-)