Windows Vista Security Flaw Discovered
Posted by mythoughtsandnews on January 2, 2007
NEW YORK — Windows Vista, the new computer operating system that Microsoft Corp. is touting as its most secure ever, contains a programming flaw that might let hackers gain full control of vulnerable computers. Microsoft and independent security researchers, however, tried to play down the risk from the flaw, which was disclosed on a Russian site recently and is apparently the first affecting the new Vista system released to larger businesses in late November. The software company said it was investigating the threat but found so far that a hacker must already have access to the vulnerable computer in order to execute an attack.
That could occur if someone is actually sitting in front of the PC or otherwise gets the computer’s owner to install rogue software, said Mikko Hypponen, chief research officer for Finnish security research company F-Secure Corp. “The bottom line is you couldn’t use a vulnerability like this to write a worm or hack a Vista system remotely,” Hypponen said Tuesday. “It only has historical significance in that it’s the first reported vulnerability that also affects Vista.
It’s a nonevent in other ways.” Attackers with low-level access privileges on a vulnerable machine could theoretically use the flaw to bump up their status, ultimately gaining systemwide control, Hypponen said.
Looks like Vista is not as good as they claim. They should work out the security bugs before selling to the public.