So it begins... Vista exploit surfaces

**Carlos_E** · 12-26-2006, 01:07 PM

Vista exploit surfaces

The first exploit since the completion of Windows Vista has surfaced, according to a confirmation by Microsoft Security Response Center head Mike Reavey. The vulnerability corrupts Windows' MessageBox protocol to raise system privileges, which could result in much more control over a system than what Microsoft allows by default. Although the exploit is currently limited to a proof of concept released on a Russian forum and demands that the malicious user already have administrative access, it has already garnered attention for challenging Microsoft's claim that Vista is more secure than its predecessors.

**Carlos_E** · 12-26-2006, 01:07 PM

That is why I'm happy I have a Mac.

**biglouie250** · 12-26-2006, 02:12 PM

im keeping XP until all the bugs are worked out.....probably 2-3 years.

**Chemical King** · 12-26-2006, 02:22 PM

think il start a poll to c who prefers xp to mac or linux

**Psychotron** · 12-26-2006, 09:23 PM

Originally Posted by Carlos_E

That is why I'm happy I have a Mac.

The problem here is the attacker needs administrator rights. If I had administrator rights on your mac i could do just as much silly crap.

**Kaioken** · 12-26-2006, 11:03 PM

http://www.youtube.com/watch?v=Icbtebiw2eo

**scriptfactory** · 12-27-2006, 01:24 AM

Originally Posted by Psychotron

The problem here is the attacker needs administrator rights. If I had administrator rights on your mac i could do just as much silly crap.

Yep. This still goes to show that Vista is more secure than XP. There are SO many holes in XP. I remember downloading the RTM a few months before it was released to the general public and by the time the retail version came out there were already a ton of exploits.

**SnaX** · 12-27-2006, 01:37 AM

Has windows vista already been released?

I haven't been following computers lately.
Im just curious, if you have a hardware firewall, you should be fairly safe, right? Just know which port the vulnerability is related with, and block it?

In any case, once it comes out, people will find a way to make it free again.

**Psychotron** · 12-27-2006, 09:30 AM

Part of my research for grad school is tearing apart Vista. Graduated in december, off to grad school for my masters of software engineering. The professor I will be working with is the guy in charge of the Information Assurance and Computer Security specialization.

Vista has not been released yet, and the exploit mentioned has not even been tested, there is no proof of concept, it is only a concept.

**RobbieG** · 12-27-2006, 09:38 PM

Originally Posted by Psychotron

Part of my research for grad school is tearing apart Vista. Graduated in december, off to grad school for my masters of software engineering. The professor I will be working with is the guy in charge of the Information Assurance and Computer Security specialization.

Vista has not been released yet, and the exploit mentioned has not even been tested, there is no proof of concept, it is only a concept.

well, the vista has been RTM.

that goes for the whole package, they will not change anything know, only update it.