Windows Vista, the new computer operating system that Microsoft Corp is touting as its most secure ever, contains a programming flaw that might let hackers gain full control of vulnerable computers.
Microsoft and independent security researchers, however, tried to play down the risk from the flaw, which was disclosed on a Russian Web site recently and is apparently the first affecting the new Vista system released to larger businesses late last month.
The software company said it was investigating the threat but found so far that a hacker must already have access to the vulnerable computer in order to execute an attack.
That could occur if someone is actually sitting in front of the PC or otherwise gets the computer's owner to install rogue software, said Mikko Hypponen, chief research officer for Finnish security research company F-Secure Corp.
"The bottom line is you couldn't use a vulnerability like this to write a worm or hack a Vista system remotely," Hypponen said on Tuesday. "It only has historical significance in that it's the first reported vulnerability that also affects Vista. It's a non-event in other ways."
Attackers with low-level access privileges on a vulnerable machine could theoretically use the flaw to bump up their status, ultimately gaining system-wide control, Hypponen said.
The flaw affects older Windows systems as well and Hypponen said vulnerabilities like these are quite common and can be fixed with a software patch, which Microsoft releases on the second Tuesday of each month except for the most serious threats. The flaw remains a proof of concept, with no one known to have actually launched an attack with it, Hypponen said.
In a posting on Microsoft's security-response Web journal, a senior security manager, Mike Reavey, said he remained confident "Windows Vista is our most secure platform to date."
Vista, the first major Windows upgrade since Windows XP launched in 2001, was made available on Nov. 30 to businesses that buy Windows licenses in bulk. Consumers generally won't be able to get Vista until Jan. 30.
In trying to improve security, Microsoft redesigned its flagship operating system to reduce users' exposure to destructive programs from the Internet. But most security researchers believe a complex product like Vista can never be error-free, so it was a matter of time for someone discovered a security vulnerability.
SCHEDULE: The delegation is due to meet with President Tsai Ing-wen this morning and witness the signing of an MOU on bilateral health cooperation in the afternoon US Secretary of Health and Human Services (HHS) Alex Azar yesterday arrived in Taipei aboard a US government plane at the head of a delegation that is the highest-level visit by a US official since Washington switched diplomatic recognition to China in 1979. Azar’s flight landed at Taipei International Airport (Songshan airport) at 4:48pm, nearly one hour earlier than scheduled, the Ministry of Foreign Affairs said. The apron where it landed is reserved for military aircraft, the Songshan Air Force Base Command said. The members of Azar’s delegation included HHS Assistant Secretary for Preparedness and Response Robert Kadlec, HHS Chief of Staff Brian
CHINESE FIGHTERS: Beijing marked the US Cabinet member’s visit by briefly sending two warplanes across the median line of the Taiwan Strait yesterday morning President Tsai Ing-wen (蔡英文) yesterday met with US Secretary of Health and Human Services Alex Azar in the highest-level official meeting between the two nations since 1979. “It is a true honor to be here to convey a message of strong support and friendship from [US] President [Donald] Trump to Taiwan,” Azar said during the open portion of his courtesy call to the Presidential Office, which was streamed live online before Tsai and Azar held a closed-door meeting. “Taiwan’s response to COVID-19 has been among the most successful in the world, and that is a tribute to the open, transparent,
ALEX AZAR: The first visit by a head of the Department of Health and Human Services would strictly observe the CECC’s special regulations, the Ministry of Foreign Affairs said US Secretary of Health and Human Services (HHS) Alex Azar is to lead a delegation to Taiwan — the highest-level visit by a US Cabinet official since the two sides cut formal relations in 1979. The plan was announced yesterday morning by the US Department of Health and Human Services and confirmed by the Ministry of Foreign Affairs (MOFA). Beijing has expressed its concerns to Washington, Chinese Ministry of Foreign Affairs spokesman Wang Wenbin (汪文斌) said later yesterday. Taiwan and the US only issued statements saying that the visit would happen “in the coming days.” MOFA said that due to security concerns, it would
‘CROSS-STRAIT CONSIDERATIONS’: Groups said that the Ministry of Education’s policies excluded Chinese and students should not be blocked over political issues The Taiwan International Student Movement yesterday said it would protest today outside the Ministry of Education in Taipei against a policy that excludes some Chinese students from returning to Taiwan amid the COVID-19 pandemic. Since June 17, the ministry has allowed foreign students from 19 “low risk” and “medium-low risk” countries and regions to enter Taiwan. On July 22, it announced that it was relaxing restrictions to include students from all countries and regions who are graduating this semester and on Wednesday it further expanded entry to students enrolled in degree programs. A letter sent by the ministry on Wednesday to universities did