The Austrian security vendor Phion discovered a vulnerability in Windows Vista. The vulnerability could possibly allow an attacker to run unauthorized code on a PC and corrupt the memory of the operating system's kernel, causing a blue-screen-of-death crash.
The flaw could be used to hide root-kits or to carry out denial-of-service attacks on computers that run the operating system.
The vulnerability was found by Thomas Unterleitner, director of endpoint security software at the Austrian security company Phion, and was announced last Friday. Unterleitner told ZDNet UK that Phion informed Microsoft about the flaw in October, but that he understood a fix would only be released in the next Vista service pack.
According to Unterleitner's announcement of the flaw, the issue is located in the network input/output subsystem of Vista. Certain requests sent to the iphlpapi.dll API could result in a buffer overflow. Unterleitner added that this buffer overflow could also be exploited to inject code, thereby compromising client security.
The vulnerability is rooted in Device IO Control, which controls internal device communication. The flaw could trigger a buffer overflow without administrative rights, and in this way it enables an attacker to install a root-kit: a small piece of malicious software that is very difficult to detect and remove from a computer running unauthorized code.
In one of the schemes, a person would already have to have administrative rights to the PC. Generally, vulnerabilities that need that level of access pose somewhat less risk, since the attacker already has permission to use the PC.
Using a sample program, Unterleitner and his colleagues confirmed that Vista Enterprise and Vista Ultimate were definitely affected by the flaw. Other versions of Microsoft's operating systems were "very likely" affected too. Both 32-bit and 64-bit versions are vulnerable. Windows XP, however, is not affected.