Hi Logos,
It is a 16 bit kernel exploit in Windows kernel versions since 1993. Advisory to be found here:
http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0346.htmlThis is believed to affect every release of the Windows NT kernel, from
Windows NT 3.1 (1993) up to and including Windows 7 (2009).
Again another example of security through obscurity, new exploitable skeletons are to be found up inside the Windows cupboard every once in a while, because one has build layer on layer to make it more secure, sometimes flaws are found that are there from day one to the present day, also heap spray exploits with of course javascript as the route will be found again and again. This is a predictable ongoing phenomenon...
Until script blocking like NS in Firefox does reach the MS browser for instance, it will never be fully secure, I fear,
polonus