The hype of unmatched security in Windows Vista took a beating when the reports of bugs and zero day vulnerabilities came pouring after the OS was put to test about a month ago for corporate customers. The OS is yet to be released in public, probably by the end of January 2007.
The most critical of all the vulnerabilities was found on Dec 15 by a Russian programmer which lets any logged in user to alleviate its privileges to system level, therefore making one capable of running any program. This vulnerability existed not only in Vista but also in Windows 2000, XP, 2003. The vulnerability was first disclosed on this Russian forum (translated version) and later detailed on Determina security site.
Meanwhile it was also reported that hackers are selling zero day exploits and making a good fortune.
New York Times has an article worth a look about recent vulnerabilities and what guys at Redmond have to say.
No comments:
Post a Comment