|December 29, 2006 17:30 - Concerns For Vista Security
Although Windows Vista won't be generally retailing to consumers for another month, it already has a number of security vulnerabilities... and this is what Microsoft describes as its most secure operating system ever.
This weekend, the New York Times reported on a Russian programmer who discovered a Vista flaw letting hackers raise the level of a user's permissions. Permissions determine what type of software can be installed, if at all.
Using that flaw, attackers could send a malicious program as an e-mail attachment that, if opened, could gain "administrator" privileges on the computer. This higher level of access could allow the attacker to change system settings and install programs.
Security firm Determina reported five more flaws in Vista, including one that would let hackers install rogue software through Microsoft's Internet Explorer 7, the Redmond firm's latest Web browser.
Microsoft has touted IE7 as a "sandbox" that won't give hackers access to a user's system even if the browser itself has been compromised. Determina's discovery appears to negate Microsoft's claim.
Mike Reavey, operations manager at Microsofts Security Response Center said, "While I know this is a vulnerability that impacts Windows Vista I still have every confidence that Windows Vista is our most secure platform to date. As always, we here at the MSRC encourage everyone to enable a firewall, apply all security updates and install anti-virus and anti-spyware software."
To reference this entry please copy the url in this link: