Careers & Certifications

07:34 PM
Connect Directly
RSS
E-Mail
50%
50%

First Exploit Of Windows Vista Spotted

It is the first Windows Vista exploit made public since the operating system was released to volume license customers Nov. 30.

Proof-of-concept code for an unpatched vulnerability in all supported versions of Windows, including Vista, has gone public, prompting alerts from security vendors and a warning from its Russian discoverer that the flaw may be dangerous.

It is the first Windows Vista exploit made public since the operating system was released to volume license customers Nov. 30.

According Symantec and eEye Digital Security, the bug is a memory corruption vulnerability that pops up when the MessageBox function is called; eEye pegged the threat as "medium," while Symantec labeled it as a "privilege escalation," a type of threat generally considered low on the security scale. An attacker would need authorized access to a PC to exploit the bug.

The code first showed up on a Russian hacker site, and was subsequently posted to milw0rm.com.

Mike Reavy, program manager with the Microsoft Security Response Center, acknowledged that the team was "closely monitoring" the situation even as the holidays approached.

Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
Cartoon
Hot Topics
12
Confessions Of A VMworld Virgin
Susan Fogarty, Editor in Chief,  8/22/2014
6
IT Certification's Top 10 Benefits
Global Knowledge, Global Knowledge,  8/20/2014
White Papers
Register for Network Computing Newsletters
Current Issue
Video
Slideshows
Twitter Feed