Vista: Faces security storm again!
Short summary:
prompted a blogger to try out a speechbased hack. The blogger reported. on technology website ZDNet that he was able to access the Vista Start ...
Long summary:
Vista: Faces security storm again! Page 1Vista: Faces security storm again! After last week's ShoutHack flaw Microsoft's recentlyreleased operating system Windows Vista is once again in the eye of a security storm. It ispossible to elevate the system privileges by exploiting a flaw in Vistaaccording to vulnerability researchers. In an interview at the ongoing global security conference RSA 2007 Marc Maiffret CTO and chief hacking officer of Californiabased eEye Digital Security Inc said that there's a way to use a nonMicrosoft vulnerability to remotely compromise Vista as well as a way to elevate the systemprivileges using a Vistaspecific flaw according to technology websites. This is a vulnerability specific to Vista that doesn't exist in XP. Interestingly Microsoft has made a lot of security improvements in Vista but it is becoming obvious that a few loopholes will always escape attention. Maiffret plans to demonstrate his findings later this week at the ITDefense 2007 conference in Germany. Incidentally this is not the first time that a security expert has warned of a flaw in Vista at the RSA conference. Vulnerability researchers atBostonbased Core Security Technologies have also claimed that a wellknown vulnerability existing in Computer Associates' BrightStor backup software can be exploited when the programme is running on Vista.Company officials announced the flaw immediately after the Microsoft chairman Bill Gates delivered his keynote address. Penetration testing softwaremaker Core has contended that a previously disclosed vulnerability in CA's BrightStor ARCserve Backup software dubbed CVE20070169 can be exploited to compromise systems running Vista. The vulnerability suggests that in a rush to roll out Vistacompatible software third parties might ignore some of the security features in the new OS. Microsoft has said Vista is its most secure OS to date and features like Address Space Layout Randomization (ASLR) are meant to insulate Vista from malware ...
Source: www.cirosec.de
Search Terms:
Related
Researcher Reveals 2Step Vista UAC Hack, Researcher Reveals 2Step Vista UAC Hack.
The technique uses social engineering to
trick the victim into downloading an
innocentlooking file ...,
more
Vista Hack Served Directly by Microsoft, Vista Hack Served Directly by Microsoft. A
hack? Yes. But is it illegal? No. With a
combination of the slmgr.vbs rearm command
and resetting the SkipRearm ...,
more
Hack Windows Vista in Reduced Functionality Mode, Hack Windows Vista in Reduced
Functionality Mode. And rearm the
operating system to prolong Initial Grace.
Windows Vista will move into Reduced ...,
more
