Redmond Report says “Vista Kernel Flawed” – Tales from the Crypto

Redmond Report says “Vista Kernel Flawed”

This is just some lovely reporting:

Vista Kernel Ready To Pop?

Vista, due largely to its lockdown of user rights, is far more secure than XP. But it’s not 100 percent safe. In fact, the kernel itself has an issue that could lead to buffer overflow attacks, or so says security company Phion.

Well, that’s hardly surprising, we know how common buffer overflow attacks are, and how difficult they are to prevent. Go on…

The exploit, which does require admin privileges, is pretty well-documented by Phion. And there’s no patch — just a workaround from the company. Hmm. Is Phion looking for new customers?

Uh… if the ‘exploit’ needs admin privileges to start with, exactly how is it an "exploit"? It’s a bug. By the time you have admin privileges, you can replace the operating system with one that does your bidding anyway, so how is it an ‘exploit’ that you can do so without replacing the OS core?

Pre-announcing this kind of flaw is like giving bullets to insurgents before our soldiers have a chance to put on helmets and bulletproof vests: dangerous.

No, it’s rather like suggesting that there’s a flaw in that if the Commander-in-Chief is secretly supporting the terrorist cause, he can order our soldiers to be needlessly sent into a dangerous war zone without sufficient arms or armour.

There are other bugs where I would agree that it’s important to avoid announcing the flaw before the vendor has been given a reasonable chance to fix it for find a workaround – this isn’t that case, though.

The flaw in question is worth noting, though, in that it’s something that can be abused by members of the Network Operators group – and there are many sites that put users into this group simply so that they can turn off or on the wireless networking card on their laptops (for those that don’t have a simple hardware switch). So, while Microsoft may assert that "Network Operators are just like administrators", there are many ordinary users who have been dropped into the Network Operators group.

2 Responses to Redmond Report says “Vista Kernel Flawed”

Leave a Reply

Your email address will not be published. Required fields are marked *