First Vista Security Flaw Appears

December 28th, 2006: Four weeks after its official enterprise release and surprising few, the first security flaw has surfaced in Windows Vista.

This bug will serve as more of a blow to Microsoft’s pride than anything else though, as in order to be exploited a hacked must already have direct access to a vulnerable machine to take advantage of it. This more or less eliminates the possibility of a piece of malicious code or a virus taking control.

The flaw enables a user with restricted system privileges to access administrator-level system tools and settings without being given permission by an administrator. Potentially, a malicious user could use the flaw to disable other security features, however, as this would still require direct access in the first place the flaw isn’t particularly worrying for early adopting network administrators

Microsoft says it is remedying the problem and to date, no exploits have been reported and no code has appeared to take advantage of the issue.

While it may not be earth shattering, after hyping its new baby’s security features so intensely the flaw will no doubt have left Microsoft a little flushed.

Comment on this story