Archive for the 'Exploits and Vulnerabilities' Category
vista exploitable,researcher says
Friday, February 16th, 2007It’s possible to elevate system privileges by exploiting a flaw in Microsoft’s newly released Windows Vista operating system, according to one well-known vulnerability researcher. Marc Maiffret, CTO and chief hacking officer of Aliso Viejo, Calif.-based eEye Digital Security Inc., said during an interview at RSA Conference 2007 Monday that according to his research, there’s a [...]
Vista pranks possible via voice commands
Saturday, February 3rd, 2007"PC, root thyself." It may not be that easy, but users of Windows Vista may have to watch out for malicious audio files. Prompted by a posting on a security mailing list, security experts investigated and confirmed that a computer running Microsoft’s latest operating system, Windows Vista, could have system commands activated by audio files [...]
Just how bad is the first Vista security flaw?
Saturday, December 30th, 2006Microsoft has publicly acknowledged the discovery of the first Windows Vista security flaw. But just how serious is it? Opinions seem to vary widely. The New York Times claims the flaw is serious enough to result in Microsoft "facing an early crisis of confidence in the quality of its Windows Vista operating system." Not surprisingly, [...]
Microsoft fixes flaw in Vista
Thursday, October 12th, 2006Along with patches for Windows 2000, XP, and Server 2003 Microsoft released at least one update for Windows Vista on Tuesday, TechWeb has confirmed.
One of the 10 security updates - MS06-061 - applies to Windows Vista RC1, the last widely-distributed preview of the operating system. Unlike that bulletin’s patches for Windows 2000, Windows XP, and [...]
Vista passes one security test
Sunday, September 24th, 2006Does the multi-layered security protection in Windows Vista work? As I pointed out yesterday, we won’t have a definitive answer to that question until months after Vista is officially released. But one current exploit offers reason to be encouraged.
Security experts are buzzing over a zero day exploit in Internet Explorer that allows an attacker to [...]
Microsoft issues first patches for Vista
Friday, August 18th, 2006Microsoft confirmed Tuesday that two of the 12 security bulletins issued last week affect Windows Vista Beta 2, the widely used preview, and posted download instructions for the first security updates to its next-generation operating system. "We are committed to releas[ing] Windows Vista updates for all MSRC [Microsoft Security Response Centre] critical class issues that [...]
Microsoft admits legitimate threat to Vista
Wednesday, August 9th, 2006Before it’s even released, Windows Vista is under attack. After security researcher Joanna Rutkowska demonstrated how it’s possible to circumvent security in Microsoft’s Vista beta software and install a rootkit called Blue Pill, Microsoft said it intends to find ways to stop both potential threats before Vista ships.
At the Black Hat conference, Rutkowska, security researcher [...]
Windows Vista Succumbs to Blue Pill
Wednesday, August 9th, 2006Microsoft spent a whole day at the Black Hat conference last week extolling the security enhancements in its upcoming Vista operating system. Joanna Rutkowska, a security researcher with security firm Coseinc, spent a day picking it apart. Then again, what else would you expect from a session at a hacker convention titled: "Subverting Vista Kernel [...]
MS Watches as Vista Gets 0wn3d by Rootkit
Monday, August 7th, 2006Microsoft security chief Ben Fathi responds to a standing-room-only demo of a new technique used to plant an offensive rootkit in Windows Vista. Ben Fathi slipped into the darkened, standing-room-only conference room and took a seat on the carpeted floor.
On the Black Hat stage, malware researcher Joanna Rutkowska, of COSEINC, was discussing a new [...]
Cracking Windows Vista Beta 2 Local Passwords
Monday, July 31st, 2006While I was playing around with Windows Vista Beta 2 I decided to see if some of the old tools for cracking local account password still worked. It would seem that Microsoft has changed how the SAM file and SYSKEY work in Vista so none of my old tricks that use to work with NT [...]
