|
|
| News |
April 16, 2008
MWR InfoSecurity publish White Paper on the Security Implications of Windows Access Tokens
A white paper has been published today by Luke Jennings of MWR InfoSecurity which discusses the security exposures that can occur due to the manner in which access tokens are implemented in the Microsoft® Windows Operating System.
The paper is based upon research originally presented by the author at Defcon 15 [1] and Chaos Computer Congress (CCC) 2007 [2]. The white paper can be downloaded here.
Luke has also created Incognito, a tool for manipulating windows access tokens and is intended for use by penetration testers, security consultants and system administrators. This can be found at sourceforge.
|
|
|
 |
|
