A Symantec researcher said late last week that the Vista firewall can easily be subverted because of design decisions made by Microsoft.
Orlando Padilla, a Symantec security response team member who penned a research paper on how well Vista stands up to current malware, took the new operating system's firewall apart in this blog last Friday.
According to Padilla, Vista's firewall poses a great limitation for malicious code looking to backdoor a host.
"Unfortunately, the Unblock button may be accessed with the same privilege level as a standard user. This configuration of privileges creates a point of vulnerability that undermines the effectiveness of the firewall's policy in Windows Vista," he said.
What concerns Padilla - and the rest of the IT security industry - is that, whilst it's possible to subvert a firewall, Microsoft has had the option, using the User Account Control (UAC) option, to strengthen the firewall protection.
Except that it didn't. Despite Vista's much-vaunted security features...