Research and Development

Windows has had the ability to embed HTML into it’s user interface for many years. Right back to and including Windows NT 4.0, it has been possible to embed HTML into the task bar, but the OS has always maintained a sandbox, from which the HTML has been unable to escape. All this changes with Windows Vista.

This document attempts to summarise the changes introduced with Microsoft’s Windows Vista and highlights some of the new attack surfaces it brings.


Request to be added to the Portcullis Labs newsletter

We will email you whenever a new tool, or post is added to the site.

Your Name (required)

Your Email (required)