[Info-vax] How dangerous is it to be able to get into DCL supervisor mode ?
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Wed Jul 5 21:17:45 EDT 2017
On 2017-07-05 13:39:33 +0000, VAXman- @SendSpamHere.ORG said:
> Re-read the chapter on uniform exception handling. If DCL "aborts:,
> it's NOT going to return to user mode.
Crashes are commonly symptoms of attacks in development, or attacks
that are running up against ASLR or such. Attacks that are
successful don't crash. Or they crash after the exploit code has been
run.
This is part of why I've commented on opt-in, anonymized system and app
crash data collection, too. Akin to what CLUE and CCAT/CANASTA
provided in an earlier era. What Microsoft refers to as telemetry.
https://blogs.technet.microsoft.com/johnla/2015/09/26/the-inside-story-behind-ms08-067/
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list