The Null Device
Win32 API intrinsically, irreparably insecure
Research reveals that the MS Windows API is intrinsically insecure
; any application can spoof window messages to any other application, regardless of permissions, bypass the feeble "security" present and pull off all sorts of exploits. In other words, typical Microsoft security. And furthermore, the flaw is fundamental to the API and is irreparable, short of changing the fundamental design of the Windows message queue mechanism and breaking every existing Win32 application.
(via the Reg)
There are 3 comments on "Win32 API intrinsically, irreparably insecure":
Please keep comments on topic and to the point. Inappropriate comments may be deleted.
Note that markup is stripped from comments; URLs will be automatically converted into links.