Hi


Standard (Ã* la Halvar Flake) heap overflow exploitation techniques
fail in an XPSP2 or Win2k3 environment. A year ago, Alexander Anisimov[1]
has shown a work around (with a lot of conditions, however). A few
months ago, Nicolas Falliere[2] has presented another method, as well
as Brett Moore[3] a few weeks ago. Also here on AO something has been
written[4].


Some good reads - but these are not all of them? Have you got some more
readers or a few examples, however, on which Occam's razor has been applied?


Note that identifying security flaws and the attempt to exploit them is
an excellent and amusing mean to understand the internal workings of an
operating system


Thanks.

Cheers


[1] http://www.maxpatrol.com/defeating-x...protection.pdf
[2] http://packetstormsecurity.nl/papers...rotections.pdf
[3] http://www.security-assessment.com/W...iting_Freelist[0]_On_XPSP2.zip
[4] http://www.antionline.com/showthread...hreadid=268653


Note: the third link has to be copy-pasted manually