However, if the attacker instead hosts the domain evil.com and
entices you to browse to www.evil.com, he now has a communication channel to interact
with your computer. The universe of attack possibilities is limited for this attacker,
however. He needs to find a vulnerability either in the browser or in a component that
the browser uses to display web content. If the attacker finds such a vulnerability, the
firewall is no longer relevant. Your established connection to www.evil.com allows the
attacker to present an attack over this connection.
Client-Side Applications Are Often Running
with Administrative Privileges
Client-side vulnerabilities exploited for code execution result in attack code executing at
the same privilege level as the client-side application executes normally. Contrast this
with attacks such as Blaster or Slammer, which targeted system services running at a high
privilege level (typically LocalSystem). However, do not be fooled into thinking that
client-side vulnerabilities are less dangerous than system service exploits. Many users log
onto their workstation as a user in the local administrators group. If the users are logged
in as an administrator, their Internet Explorer or Outlook session is also running as an
administrator.
Pages:
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647