Symantec Report: Vista Code Contains Security Loopholes

A new report from Symantec security researchers contends that Microsoft’s much-awaited Vista operating system could harbor a range of vulnerabilities that will make it less secure than previous iterations of Windows.


According to research published July 18 by Symantec, in Cupertino, Calif., a number of Vista’s software components, specifically a handful of protocols related to its redesigned networking technologies, could become security loopholes if Microsoft does not fix the problems or ensure that the product is configured appropriately to hide the glitches when it is shipped.


The Redmond, Wash., software giant is slated to deliver a final version of Vista in January 2007.


Symantec researchers reported finding three different types of potential flaws in Vista’s underlying software code, including the presence of stability issues that could cause the operating system to crash when presented with attacks that utilize malformed files to deliver their payloads.


Other issues include undocumented IP protocols with no known purpose in the product and problems with some new protocols deep within the operating system’s so-called network stack.


More at http://www.eweek.com/article2/0,1895,1990662,00.asp

Leave a Reply