Introduction: VE2 provides two separate virtual environments (Secured and Public( To ensure corporate security and to provide secured and free access to the WEB while protecting the enterprise. Summary: Windows 16-bit execution support allows direct access to physical memory through \\PhysicalMemory device (which is actually a section) for legacy NTVDM and Virtual Real Mode of the processor, accessing physical memory from Public Environment provides direct bridge to Secured Environment processes memory. Proof of concept: http://cybermessageboard.xeran.com/secureol/viewtopic.php?t=26 Vulnerability submitted by Joe Stewart, 22.08.05 Patch Released: 23.08.05 - VE2 v1.05.1009 The information has been provided by Maxim Vainstein: maxim@xxxxxxxxxxxx For more information: http://www.secureol.com
