An Austrian security vendor Phion discovered a vulnerability in Windows Vista. The vulnerability could possibly allow an attacker to run unauthorized code on a PC and corrupt the memory of the operating system's kernel causing a blue-screen-of-death crash.
This flaw could enable root-kits to hide or denial-of-service attacks to be executed on computers that use the operating system.
The vulnerability was found by Thomas Unterleitner, director of endpoint security software of Austrian security company Phion. It was announced last Friday. Unterleitner told ZDNet UK that Phion informed Microsoft about the flaw in October. But he understood that a fix would only be released in the next Vista service pack.
According to the announcement of the flaw by Unterleitner, the issue is located in the network input/output subsystem of Vista. Certain requests sent to the iphlpapi.dll API could result in a buffer overflow. Unterleitner added that this buffer overflow could also be exploited to inject code, therefore compromising client security.
The vulnerability is rooted in the Device IO Control. It controls internal device communication. The flaw could trigger a buffer overflow without administrative rights. In this way it enables an attacker to install a root-kit. It is a small piece of malicious software. It is very difficult to detect and remove the root-kit from a computer running unauthorized code.
In one of the schemes, a person would already have to have administrative rights to the PC. Generally, vulnerabilities that need that level of access somewhat undermine the risk since the attacker already has permission to use to the PC.
By using a sample program, Unterleitner and his colleagues confirmed that Vista Enterprise and Vista Ultimate were definitely affected by the flaw. Other versions of Microsoft's operating systems were "very likely" affected too. Both 32-bit and 64-bit versions are vulnerable. But, Windows XP is not affected.