Careers & Certifications

07:34 PM
Connect Directly
RSS
E-Mail
50%
50%

First Exploit Of Windows Vista Spotted

It is the first Windows Vista exploit made public since the operating system was released to volume license customers Nov. 30.

Proof-of-concept code for an unpatched vulnerability in all supported versions of Windows, including Vista, has gone public, prompting alerts from security vendors and a warning from its Russian discoverer that the flaw may be dangerous.

It is the first Windows Vista exploit made public since the operating system was released to volume license customers Nov. 30.

According Symantec and eEye Digital Security, the bug is a memory corruption vulnerability that pops up when the MessageBox function is called; eEye pegged the threat as "medium," while Symantec labeled it as a "privilege escalation," a type of threat generally considered low on the security scale. An attacker would need authorized access to a PC to exploit the bug.

The code first showed up on a Russian hacker site, and was subsequently posted to milw0rm.com.

Mike Reavy, program manager with the Microsoft Security Response Center, acknowledged that the team was "closely monitoring" the situation even as the holidays approached.

Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
Slideshows
Cartoon
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
Video
Twitter Feed