A group of researchers has discovered a serious vulnerability in Microsoft’s Windows Vista operating system, which hackers can exploit to seize complete control of a victim’s computer.
A team of researchers from the Austrian firewall maker “phion AG”, headed by Thomas Unterleitner, has reported a buffer overflow flaw in the networking input/output subsystem of Windows Vista.
Described as critical by the researchers, the flaw could lead to a system crash, permit denial-of-service attacks, enable rootkits to enter the OS, and allow injection of viruses, Trojans, or other malware components.
Although Phion informed Microsoft about the vulnerability last month, Microsoft is likely to release a fix in the next Vista service pack.
Unterleitner has successfully tested an exploit of the flaw against the Vista Ultimate and Vista Enterprise versions, and believes that other versions are also “very likely” to be affected by the vulnerability. He also claimed that both 32-bit and 64-bit versions of the operating system are vulnerable, while Windows XP is immune to the vulnerability.
The security researcher further stated that the vulnerability requires administrator rights to run a program that carries the flaw. He also raised the possibility that a hacker could use a maliciously crafted DHCP packet to “take advantage of the exploit without administrative rights”.
No attacks exploiting this vulnerability have been reported so far, Unterleitner added.