Linked by Eugenia Loli-Queru on Wed 27th Dec 2006 01:25 UTC, submitted by Sphinx
Microsoft is facing an early crisis of confidence in the quality of its Windows Vista operating system as computer security researchers and hackers have begun to find potentially serious flaws in the system that was released to corporate customers late last month. On Dec. 15, a Russian programmer posted a description of a flaw that makes it possible to increase a user's privileges on all of the company's recent operating systems, including Vista. Update by Thom: Ars thinks the situation is hot air, mostly, something I agree with (a cracker already has to have login credentials for the flaws to be of any use).
Thread beginning with comment 196785
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:2005-07-28
LOL. Regardless of what you `dare say` McSoft apparently has the same idea.
"A significant focus of Windows Vista and a fundamental piece of Microsoft's overall vision is security. Windows Vista provides a simple and secure mechanism for running end-user accounts with standard user privileges, while eliminating the need for administrator privileges when performing many common tasks, such as installing a printer driver or connecting to a secure wireless network. This fundamental shift provides security at the OS level by preventing malware and root kits from damaging company-wide files and settings."
See: http://technet.microsoft.com/en-us/windowsvista/aa906021.aspx
Member since:2006-03-12
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2005-07-06
"Update by Thom: Ars thinks the situation is hot air, mostly, something I agree with (a cracker already has to have login credentials for the flaws to be of any use)."
We all know how simple this is to do with the initial user being an administrator. Oops!
What's your point, exactly? There's nothing wrong with the initial user being granted an administrative account in Vista, no moreso than having users in the wheel group or the sudoers file in *nix.
Besides which it's already been noted that the most damage this flaw has been shown to do is to crash the system; the rest is unfounded speculation at this point. I daresay that there are better ways for one to shut down a machine one has an account on than purposefully crashing it.