Hackers: 6, Vista: 0
About a month after the business release of Windows Vista, and a month before its consumer release, hackers and security researchers have uncovered at least six major security flaws in Microsoft's brand new operating system, the New York Times is reporting. Among flaws discovered are one that allows malicious sites to install malware on a victim's computer and one that allows user permissions to be altered on a corporate network, which could allow malware to be installed without authorization. In addition, one Japanese hacker is offering to sell Vista security flaws for $50,000.

I'm not sure whether Microsoft will have a chance to update Vista before it ships to consumers on January 31, or whether they will package fixes as mandatory updates that will be installed as soon as a new Vista PC connects to the internet. Or whether they'll just plug their ears and continue to proclaim that Vista is the most secure OS ever.
[Via Monkey Bites via Street Tech]

Comments (5)

quux, Dec 27th 2006 7:51PM
Sigh. *Every* OS out there has had, and will have more security issues discovered. This is the state of software today, and for the foreseeable future.
Did MS market Vista as 'totally secure forever'? No? Then why do so many bloggers like yourself try to re-spin the MS spin into something it is not, never was, and never can be? Of course vulns will be discovered - in this or any other OS. So the question isn't whether they are discovered - but how well they are handled.
LordDaMan, Dec 27th 2006 10:16PM
Here are the real problems. Note it's not even remotely close to the garbage the NYT is printing.
http://www.betanews.com/article/Is_Vista_Really_BugPlagued_as_the_NY_Times_Claims/1167176211/1
Hamman Samuel, Dec 28th 2006 2:56AM
Thanks LordDaMan for the link.
In summary, according to BetaNews, NYT have made at least one mountain out of a mole hill. The bug reported as "allowing malicious code to run" is actually a logical error in a call to the Win32 API function "MessageBox" that could crash the system. Ahem, while this is embarrassing for Microsoft's coders, the bug isn't a security breach as is being reported by NYT.
I'm reading a book on the Windows architecture, and from what I understand, I think that the main problem with Windows and its infamous crashes is its virtual memory protocols. With Vista running on a revamped kernel, I am hoping that it will be more stable at least.
epobirs, Dec 28th 2006 9:01AM
Be fair. MS is not claiming Vista is the most secure OS ever. They're only speaking in terms of Microsoft operating systems. By all accounts thus far the claim is valid. Bugs will be found but the default state of the product is far better suited to keeping novices out of trouble and makes certain categories of attacks far harder to execute.
There have been far more secure operating systems. Just not stuff you'd want to sell for use on consumer PCs. If ease of use is not an issue the task of securing systems becomes much simplified but that isn't very helpful in most of Microsoft's markets.
Glacia00, Dec 28th 2006 12:03PM
I'm waiting to see if people like Neil T who responded to the "Month of Apple Bugs" post about how irresponsible researchers are to make security flaws public will say the same about this post.
Neil, would you say that in this case researchers should be fair and "give full details to the security team/programmers of the affected product and give them ample time to fix the bug, before providing any detailed information about the flaw." or is it just Apple that you feel should be treated that way?