The vulnerabilities include a flaw in Microsoft Vista's core antivirus engine, which also guards Windows Live and Windows' bastion of hope, Defender.
This vulnerability "allows an attacker to send a specially-crafted PDF file to users and trigger a heap overflow in the antivirus engine, resulting in remote code execution". (Gulp! Ed.)
"Successful exploitation could grant an attacker system-level privileges", ISS said.
The security firm also claimed it "continues to work closely with Microsoft to provide Vista support for our customers," whilst boasting that those customers had been protected from this flaw since January.
IBM published an assessment of Vista's Kernel-Locking, in a PDF (Gulp! Ed.) here. µ