Windows 7 and Mac OS X have a new, fundamental flaw that’ll be presented at Hack in the Box conference in Amsterdam in July. These security holes are so close to the core operating systems that fixing them may be very hard.
“Windows 7 has an issue in 64-bit edition of the operating system. Security researchers at Sogeti/ESEC, Christophe Devine and Damien Aumaitre, discovered weaknesses in Direct Memory Access (DMA). An attacker could use those vulnerabilities to get access and take control of the machine, thereby bypassing all security features of the operating system.”
“Mac OS X issue is somewhat easier to fix, although the impact of this security hole is bigger, according to Kannabhiran. The flaw affects not only Macs, but could also affect the iPod touch, iPhone and iPad, because they all use the same OS X base. Security researcher Ilja van Sprundel from IOActive discovered this hole. He can use it to manipulate the IOKit element of the operating system and through that exploit a wide range of bugs to affect Mac OS X devices.”