An exploit writer at Core Security Technologies has discovered a serious vulnerability that exposes users of Microsoft s Virtual PC virtualization software to malicious hacker attacks. The vulnerability, which is unpatched, essentially allows an attacker to bypass several major security mitigations. The flaw, discovered by Core exploit writer Nicolas Economou, exists in the memory management of the Virtual Machine Monitor. It causes memory pages mapped above the 2GB level to be accessed with read or write privileges by user-space programs running in a Guest operating system.
Source: https://threatpost.com/microsoft-virtual-pc-flaw-lets-hackers-bypass-windows-defenses-031610/73695/

