Post Tue Jan 02, 2007 5:56 pm

The First Vista Vulnerability - Overblown?

A "proof of concept" program for an exploit for Microsoft's recently released Windows Vista operating system was released on a Russian hacker site recently.

The alert accompanying the code speculated that some old debug code was left in the released Windows code which is all the more remarkable since the code appears to be quite old.

Some reports claim that the vulnerability allows for a privilege escalation exploit; this led to a series of alarmed news stories that were widely picked up, especially the one in the New York Times.

Further analysis indicates that there's less here than was initially thought. As this article in BetaNews shows, the vulnerability is real, but there's no evidence that it can do anything worse than crash the system. And Microsoft says that exploiting the bug requires "Log on Locally" privileges, meaning that it can't be exploited simply by visiting a Web page or performing other casual operations.

Expect further advisories from Microsoft on this bug and a fix before too long, but don't worry too much about it. There are no reports of the vulnerability being exploited in the wild.


For original story:
http://www.pcmag.com/article2/0,1895,2078223,00.asp

Don
CISSP, MCSE, CSTA, Security+ SME