According to the NYT, Flaws Are Detected in Microsoft’s Vista, the most secure Microsoft product released to date is broken!
On Dec. 15, a Russian programmer posted a description of a flaw that makes it possible to increase a user’s privileges on all of the company’s recent operating systems, including Vista. And over the weekend a Silicon Valley computer security firm said it had notified Microsoft that it had also found that flaw, as well as five other vulnerabilities, including one serious error in the software code underlying the company’s new Internet Explorer 7 browser.
The browser flaw is particularly troubling because it potentially means that Web users could become infected with malicious software simply by visiting a booby-trapped site. That would make it possible for an attacker to inject rogue software into the Vista-based computer, according to executives at Determina, a company based in Redwood City, Calif., that sells software intended to protect against operating system and other vulnerabilities.
A Microsoft spokeswoman, Nicole Miller, is quoted as saying:
…the company was also investigating the reported browser flaw and that it was not aware of any attacks attempting to use the vulnerability.
Makes me feel a lot better, how about you?
