Malpine Walis
Disabled
- Joined
- Nov 23, 2001
- Location
- Banned Camp
The security firm first revealed a missive about the bugs in Microsoft’s next-generation OS in mid-July, stating that networking is one of the weak points. Then, the second report implied that what Microsoft calls advanced security features could actually be the next cadaver to be scavenged by worms, viruses and hoax, serving as loopholes.
In particular, Symantec detailed a handful of holes that affect Vista’s UAP (User Account Protection) feature. The UAP is designed to help companies reduce the impact of an infection with a virus, banning the malicious code to escalate its privileges on infected machines in order to further propagate itself or inflict other damage on affected computers.
Symantec insisted on the fact that the UAP, also known as LUA (Least-Privilege User Accounts or Limited User Accounts), is a weak spot in Windows Vista, since it can be circumvented by outside attackers, based on several implementation flaws, allowing the possibility for someone to elevate a computer's access privileges and take over a desktop running the OS.
Security has been a main concern for engineers and programmers at Redmond and the implementation of new feature in this area is a key to the future success of Vista. But Symantec warned that the very tools that Microsoft has developed are sensitive to attacks.
http://www.playfuls.com/news_03817_How_Much_Time_It_Takes_to_Crack_Windows_Vista.html
Perhaps they should test it against the Sony RootKit as well?