Windows Vista Kernel Is Vulnerable To Buffer Overflow Vulnerability

A group of researchers has discovered a serious vulnerability in Microsoft’s Windows Vista operating system, which can be exploited by the hackers to seize complete control over victim’s computer.

Team of researchers from Austrian firewall maker-company, “phion AG”, headed by Thomas Unterleitner, have notified buffer overflow flaw in networking input/output subsystem of Windows Vista.

Touted as critical by the researchers, the flaw could lead to system crash, let denial of service attacks, could enable rootkits to enter into the OS, allow injection of viruses, Trojans, or other malware components.

Though Phion has informed Microsoft about the vulnerability last month, but the company is likely to release a fix in the next Vista service pack.

Unterleitner has successfully examined an exploit of the flaw against Vista Ultimate and Vista Enterprise versions, and deems that other versions are also “very likely” to get affected by the vulnerability; in addition, he claimed that both 32-bit and 64-bit versions of the operating system are vulnerable while Windows XP remains immune from the vulnerability.

The security researcher further stated that the vulnerability requires administrator’s rights to run a program that carries the flaw; moreover, he also posed a possibility that the hacker could use maliciously created DHCP packet to “take advantage of the exploit without administrative rights”.

Till now no attacks which have exploited this vulnerability have been reported yet, Unterleitner added.

Related Articles

- Security flaw in Vista discovered

- Kernel vulnerability found in Vista

- Buffer overflow in Vista's TCP/IP stack

- Vista could hide rootkits or fall victim to DoS attacks

- Vista kernel is vulnerable

- Newly discovered Vista vulnerability to be fixed in SP2

- Kernel vulnerability found in Windows Vista

- Vista has kernel vulnerability

- Vista SP1 TCP/IP Buffer Overflow Vulnerability Overwrites Kernel Memory