A flaw has been discovered in Microsoft's flagship Windows Vista operating system, but the company has said it won't fix the glitch until its next, as-yet unannounced, service pack.
Discovered by Austrian researcher Thomas Unterleitner of the insecurity company Phion and announced last Friday, the buffer overflow flaw reportedly exists in Vista's networking I/O subsystem.
It can cause a blue screen of death system crash, allow denial of service attacks, or enable injection of rootkits or other malware such as viruses, trojans, bots or keyloggers.
Unterleitner told ZDnet UK that Phion had notified Microsoft of the vulnerability in October.
Phion successfully tested an exploit of the vulnerability against Vista Enterprise and Vista Ultimate and believes that other versions of Windows Vista are "very likely" also vulnerable. It says that both 32-bit and 64-bit versions of the operating system contain the flawed code.
Windows XP reportedly doesn't contain the vulnerability.
Unterleitner said administrator privileges are required to execute a program that calls the function containing the flaw, but that doesn't seem like much of a hurdle, since Vista trains its users to click on "OK" to all sorts of security warnings.
He also said it appeared possible, though not yet confirmed, that an attacker might craft a malformed DHCP packet to "take advantage of the exploit without administrative rights."
"We have worked together with Microsoft Security Response Center in Redmond since October 2008 to locate, classify and fix this bug," Unterleitner reportedly said in an email. "Microsoft will ship a fix for this exploit with the next Vista service pack."
However, Microsoft said that it had investigated but was "currently unaware of any attacks trying to use the vulnerability or of customer impact." Nor could it confirm that a fix will be included in the next Vista service pack or project when it might get around to releasing that. µ
Vista kernel is vulnerable
By Egan Orion on Nov 25, 2008 9:55AM