A Russian security company called Positive Technologies claims that it has found a way to beat Windows XP Service Pack 2’s Data Execution Protection. This SP2 tool is meant to prevent the insertion of rogue code directly into a computer’s memory and tricking the computer into running it. Positive Technologies reports that two minor mistakes in the implementation of this protection allow it to be sidestepped.
Apparently, Microsoft was notified on December 22nd. But no patches for the flaws have been released so far and no reason was given as to why Positive Technologies decided to now go public with the flaws.
Will this ever end? Yes, I know the answer.