So, I�ve been pretty surprised by the response to the discussion of the Flash flaw that allowed the Vista machine to be compromised in the Pwn2Own contest. I�m working on getting an interview with Alexander Sotirov and Shane Macaulay (see image, courtesy of ZDI�s official site) to discuss the issue, but in the meantime, I think we can make some reasonable assumptions from the details that have been released in an InfoWorld article:

Macaulay, who was a co-winner of last year�s hacking contest, needed a few hacking tricks courtesy of VMware researcher Alexander Sotirov to make his bug work. That�s because Macaulay hadn�t been expecting to attack the Service Pack 1 version of Vista, which comes with additional security measures� For those who aren�t familiar with Sotirov, he�s of the Javascript Fung Shui fame, which is basically a new method of heap spraying that allows the exploit code to have a predictable target address where it will be located in the heap.

So they team up and get to work:

Under contest rules, Macaulay and Miller aren�t allowed to divulge specific details about their bugs until they are patched, but Macaulay said the flaw that he exploited was a cross-platform bug that took advantage of Java to circumvent Vista�s security.