My guess is that with the hugely increased address space of a 64bit process, randomly poking at the heap in question is simply not efficient.
Cheers Ken From: Kennedy, Jim [mailto:[email protected]] Sent: Thursday, 20 September 2012 11:29 PM To: NT System Admin Issues Subject: RE: IE fix available now... Right, but if I were a bad guy I would be changing my tactics right now to target 64 bit. Certainly in IE that is a smaller number of targets but the threat is still the same for those that use 64 bit IE. From: Rod Trent [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Thursday, September 20, 2012 9:21 AM To: NT System Admin Issues Subject: RE: IE fix available now... Based on the identified attack landscape: We have analyzed the targeted attack samples that attempt to exploit this vulnerability. All real attacks we have seen are targeting only 32-bit versions of Internet Explorer and rely on third-party browser plugins to either perform efficient heap-spray in memory and/or to bypass the built-in mitigations of Windows Vista and 7 such as DEP and ASLR. From: Kennedy, Jim [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Thursday, September 20, 2012 8:57 AM To: NT System Admin Issues Subject: RE: IE fix available now... Am I missing something, where is the 64 bit version. "For computers that are running 64-bit operating systems, the following Fix it solution only applies to 32-bit versions of Internet Explorer." From: Candee [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Thursday, September 20, 2012 8:52 AM To: NT System Admin Issues Subject: Re: IE fix available now... Thanks Rod!! On Wed, Sep 19, 2012 at 8:03 PM, Rod Trent <[email protected]<mailto:[email protected]>> wrote: http://myitforum.com/myitforumwp/2012/09/19/internet-explorer-exploited-vulnerability-fix-is-available-now/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
