Microsoft is investigating a security vulnerability which affects Vista, its newly launched operating system.
Mike Reavey, operations manager at Microsoft’s Security Response Centre, revealed last Friday that Vista is vulnerable to a flaw that allows a malicious hacker to escalate user privileges within several versions of Windows.
Proof-of-concept code that exploits the code has been posted online, Reavey said in a blog posting, adding that Microsoft isn't yet aware of any malware that takes advantage of it.
"Initial indications are that in order for the attack to be successful, the attacker must already have authenticated access to the target system," wrote Reavey.
"While I know this is a vulnerability that impacts Windows Vista I still have every confidence that Windows Vista is our most secure platform to date. As always, we here at the MSRC encourage everyone to enable a firewall, apply all security updates and install anti-virus and anti-spyware software," he added.
Vista is Microsoft's first operating system release in five years. The company had repeatedly emphasised that it is more secure than previous versions, having been extensively rewritten.
One major change in Vista is that users accounts are created with administrator privileges turned off by default, unlike in XP where they are automatically turned on. Microsoft has cited this change as a key security change, as these administrator powers can be used to turn off other security measures.
zdnet
Megan_Fox_6+copy.jpg)
0 comments:
Post a Comment