A FLAW has been discovered in Microsoft's flagship Windows Vista operating system, but the company has said it won't fix the glitch until its next, as-yet unannounced, service pack.
Discovered by Austrian researcher Thomas Unterleitner of the insecurity company Phion and announced last Friday, the buffer overflow flaw reportedly exists in Vista's networking I/O subsystem.
It can cause a blue screen of death system crash, allow denial of service attacks, or enable injection of rootkits or other malware such as viruses, trojans, bots or keyloggers.
Unterleitner told ZDnet UK that Phion had notified Microsoft of the vulnerability in October.
Phion successfully tested an exploit of the vulnerability against Vista Enterprise and Vista Ultimate and believes that other versions of Windows Vista are "very likely" also vulnerable. It says that both 32-bit and 64-bit versions of the operating system contain the flawed code.
Windows XP reportedly doesn't contain the vulnerability.
Unterleitner said administrator privileges are required to execute a program that calls the function containing the flaw, but that doesn't seem like much of a hurdle, since Vista trains its users to click on "OK" to all sorts of security warnings.
He also said it appeared possible, though not yet confirmed, that an attacker might craft a malformed DHCP packet to "take advantage of the exploit without administrative rights."
"We have worked together with Microsoft Security Response Center in Redmond since October 2008 to locate, classify and fix this bug," Unterleitner reportedly said in an email. "Microsoft will ship a fix for this exploit with the next Vista service pack."
However, Microsoft said that it had investigated but was "currently unaware of any attacks trying to use the vulnerability or of customer impact." Nor could it confirm that a fix will be included in the next Vista service pack or project when it might get around to releasing that.
L'Inq
Cnet
"..next, as-yet unannounced, service pack."

What are you talking about? Windows 7 is due in Q1 2010.
What kind of joke did Microsoft announce, that Vista has very good security now? Many network security workers over the world have discovered many vulnerabilities in those operating systems, which we paid hundreds of dollars for, this piece of crap. They used us to get money out of our pockets and did not focus on quality, only advertising for Vista. What is on their mind? Ah, of course! Money!!!!!!!!
"An Administrator can crash the system" is not a security flaw. Administrators can reboot the system, format the hard drive, or install drivers. So how is this a vulnerability?
Correct me if I'm wrong, but you have to be administrator to run this exploit successfully? Does that really count?
Thank god Mojave is perfect and unflawed.
I know, taking Apple computers as Winblows experts. Maybe another billion in advertising will fix the problem.
Mm, let's see: XP works after a decade??? of fixing and the, um, tweaking community h@cking it down, and is pretty stable and supports most of the hardware made. Why would I downgrade to Vista?
Security Experts: Look guys, this is a major flaw that could be used to take down systems using your OS. 
Microsoft: But, it might take some time to actually fix this, and we'd have to investigate the issue, which seems like a lot of work for us.
Security Experts: Investigate the issue? We're showing you right here exactly what the problem is. All you have to do is, you know, fix it.
Microsoft: Well, we could do that, but is anyone making use of this exploit?
Security Experts: Well, we don't have any documented cases, but that doesn't mean people aren't exploiting it. Besides, the fact that the flaw exists should be enough to prompt you to fix it, regardless of whether it is being actively exploited or not.
Microsoft: Yeah, but it'll cost us a little money to fix, and if nobody's exploiting it...
Security Experts: Face-palm
Another reason I use a Mac.
I suspect that this vulnerability does not exist in XP or 2000 family of products. MS licensed the TCP/IP stack from the BSD Unix group for those family of products.

With the Windows 6 family (Vista, Server 2008, etc.) MS decided to "embrace and extend" that TCP/IP stack to allow for larger packets and frame buffering.

Should be interesting to see how difficult this will be to implement without breaking other things.

my .02
Loving your work, InQ...

On one hand - "OMG EXPLOIT EXPLOIT EXPLOIT! Vista is rubbish, what kind of secure OS is this?!"

on the other - "administrator privileges are required to execute a program that calls the function containing the flaw"

You know, when we get these "OSX (or LINUX) has an exploit!" stories, certain people are very quick to point out that it requires user intervention, and that the likes of sudo or user rights elevation being required makes the exploit totally worthless. Guess what, the same's true here.

Yes, this could present itself as a trojan, but then so could any number of other exploits on any number of other non-Microsoft operating systems.
ah - how refreshing it is to see a mac fanboi with a lollypop in the mouth?! 
Let's compare statistics of how many vulnerability occurrences there are between Mac & Vista.
Linux: let's count it out, as it is not even an operating system, but a jumble of megalomaniacs.
speaking of monopoly: how about macintosh introducing DRM & how about google packaging chrome along with operating systems with hardware manufacturers?
Vista works. For over a million users just like me. I am a PC, NOT a fanboi. If there is a better system than Vista, I will be the 1st one to get it.
cheers.
I don't think anyone actually expected Vista to be any more secure than its predecessors. When you have made yourself a solid, multi-decade-long reputation spanning every single product release, a reputation for security holes larger than the Milky Way galaxy itself, touting a new release based on "brand new" (yeah, right) code, all you do is give the start signal to a pack of hackers to go hunting.
And, irony of all ironies, the first bug found is a . . buffer overflow. The concept of buffer overflow is as old as computing, and here, for the latest release of shiny bloatware, MS has managed to do it again.
As usual.
Uh, Monkey Boy, next time maybe you could spend less money developing "features" nobody wants (aka embedded DRM) and use the money to tighten up the core features of what any sane individual would call an Operating System (you know, stability, resilience, . . oh wait, no, you don't know).
Ok, as the article mentions you need admin rights, but if you read much closer you will see the part that says "since Vista trains its users to click on "OK" to all sorts of security warnings." This means that since Vista pops up with warnings for everything and anything, most users (about 60% to 70%) will just click OK on whatever prompt pops up, get it?

Imagine even the uber gamers in the middle of a game getting an overlay pop-up screen above their game asking them to allow some obscure warning. Do you think, if you're about to pwn someone, that you're gonna sit there and read the boring pop-up crap .... nope, click OK and it goes away, then BSOD and worm, keylogger, malware make their way into the system. Now is that clear and easy to understand?

I've done computer security for years now and it still amazes me how so many people trust "Windows lockdowns" as secure. Bahahaha, be serious please, my spleen is about to burst.

Don't forget that Windows Server 2008 is basically Vista, so the concern might be less for the PCs and more for the corporate servers that might be exposed...