Talk:Shatter attack

From Wikipedia, the free encyclopedia

Whether a "shatter attack" represents an inherent design flaw in the Windows API

The below text was removed because it is not a neutral viewpoint.

"The introduction of UIPI in Windows Vista could be interpreted as an implicit acknowledgement that Microsoft's earlier viewpoint, that the possibility of shatter attacks was "not a flaw in Windows", was mistaken."

A larger issue to me is that the flaw is an issue only on a program-by-program basis. If a program uses the default message handler, DefWndProc(), for messages like WM_TIMER whose default behavior is to call the passed function pointer, those programs are vulnerable. However, if that program has no need to process that given message, it may well be written by someone wise enough to ignore the message, or flag an error. Further, a given callback pointer can be checked for whether it falls within a program's code space (instead of within a data area, which it shouldn't be executing in most cases), or just against a list of valid callbacks.
It may be argued that the default Windows message processing behavior, calling an unchecked code pointer, is undesirable, but any program can defend itself against this. That is, the default behavior is suboptimal, but overridable. So this is certainly a flaw, but is not "broken" as the author of the original exploit claims. If someone knows a way to concisely say the same thing, please add it to the article. — OldMiner 23:17, 22 February 2007 (UTC)
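The check described in the comment above, comparing a WM_TIMER callback pointer against a list of valid callbacks before the message reaches the default handler, is shown here as an added example; it is not part of the original comment or of any Windows code. It is written as portable C that models the decision only: the callback names, `check_message` and the `verdict` values are hypothetical, and a real window procedure would make the same comparison on the message's lParam.

```c
#include <stddef.h>
#include <stdint.h>

#ifndef WM_TIMER
#define WM_TIMER 0x0113u   /* value from the Windows SDK headers */
#endif

typedef void (*timer_cb)(void);

/* Hypothetical callbacks this program registers for its own timers. */
static void on_autosave(void) {}
static void on_cursor_blink(void) {}

static const timer_cb valid_callbacks[] = { on_autosave, on_cursor_blink };

enum verdict { PASS_TO_DEFAULT, REJECT };

/* Run before handing a message to the default handler. */
enum verdict check_message(unsigned msg, uintptr_t lparam)
{
    size_t i;

    if (msg != WM_TIMER)
        return PASS_TO_DEFAULT;      /* only WM_TIMER is checked in this example */
    if (lparam == 0)
        return PASS_TO_DEFAULT;      /* no callback pointer supplied */
    for (i = 0; i < sizeof valid_callbacks / sizeof valid_callbacks[0]; i++)
        if ((uintptr_t)valid_callbacks[i] == lparam)
            return PASS_TO_DEFAULT;  /* a callback we registered ourselves */
    return REJECT;                   /* unknown pointer: ignore or flag an error */
}

/* Constructed sample: a buffer in the data area, standing in for a pointer
   that is not one of the program's callbacks. */
static char data_area[16];

int main(void)
{
    int ok = check_message(WM_TIMER, (uintptr_t)on_autosave) == PASS_TO_DEFAULT
          && check_message(WM_TIMER, (uintptr_t)data_area) == REJECT;
    return ok ? 0 : 1;
}
```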