Windows Vista, the new computer operating system that Microsoft Corp is touting as its most secure ever, contains a programming flaw that might let hackers gain full control of vulnerable computers.
Microsoft and independent security researchers, however, tried to play down the risk from the flaw, which was disclosed on a Russian Web site recently and is apparently the first affecting the new Vista system released to larger businesses late last month.
The software company said it was investigating the threat but found so far that a hacker must already have access to the vulnerable computer in order to execute an attack.
That could occur if someone is actually sitting in front of the PC or otherwise gets the computer's owner to install rogue software, said Mikko Hypponen, chief research officer for Finnish security research company F-Secure Corp.
"The bottom line is you couldn't use a vulnerability like this to write a worm or hack a Vista system remotely," Hypponen said on Tuesday. "It only has historical significance in that it's the first reported vulnerability that also affects Vista. It's a non-event in other ways."
Attackers with low-level access privileges on a vulnerable machine could theoretically use the flaw to bump up their status, ultimately gaining system-wide control, Hypponen said.
The flaw affects older Windows systems as well and Hypponen said vulnerabilities like these are quite common and can be fixed with a software patch, which Microsoft releases on the second Tuesday of each month except for the most serious threats. The flaw remains a proof of concept, with no one known to have actually launched an attack with it, Hypponen said.
In a posting on Microsoft's security-response Web journal, a senior security manager, Mike Reavey, said he remained confident "Windows Vista is our most secure platform to date."
Vista, the first major Windows upgrade since Windows XP launched in 2001, was made available on Nov. 30 to businesses that buy Windows licenses in bulk. Consumers generally won't be able to get Vista until Jan. 30.
In trying to improve security, Microsoft redesigned its flagship operating system to reduce users' exposure to destructive programs from the Internet. But most security researchers believe a complex product like Vista can never be error-free, so it was a matter of time for someone discovered a security vulnerability.
ROLLER-COASTER RIDE: More than five earthquakes ranging from magnitude 4.4 to 5.5 on the Richter scale shook eastern Taiwan in rapid succession yesterday afternoon Back-to-back weather fronts are forecast to hit Taiwan this week, resulting in rain across the nation in the coming days, the Central Weather Administration said yesterday, as it also warned residents in mountainous regions to be wary of landslides and rockfalls. As the first front approached, sporadic rainfall began in central and northern parts of Taiwan yesterday, the agency said, adding that rain is forecast to intensify in those regions today, while brief showers would also affect other parts of the nation. A second weather system is forecast to arrive on Thursday, bringing additional rain to the whole nation until Sunday, it
LANDSLIDES POSSIBLE: The agency advised the public to avoid visiting mountainous regions due to more expected aftershocks and rainfall from a series of weather fronts A series of earthquakes over the past few days were likely aftershocks of the April 3 earthquake in Hualien County, with further aftershocks to be expected for up to a year, the Central Weather Administration (CWA) said yesterday. Based on the nation’s experience after the quake on Sept. 21, 1999, more aftershocks are possible over the next six months to a year, the agency said. A total of 103 earthquakes of magnitude 4 on the local magnitude scale or higher hit Hualien County from 5:08pm on Monday to 10:27am yesterday, with 27 of them exceeding magnitude 5. They included two, of magnitude
CONDITIONAL: The PRC imposes secret requirements that the funding it provides cannot be spent in states with diplomatic relations with Taiwan, Emma Reilly said China has been bribing UN officials to obtain “special benefits” and to block funding from countries that have diplomatic ties with Taiwan, a former UN employee told the British House of Commons on Tuesday. At a House of Commons Foreign Affairs Committee hearing into “international relations within the multilateral system,” former Office of the UN High Commissioner for Human Rights (OHCHR) employee Emma Reilly said in a written statement that “Beijing paid bribes to the two successive Presidents of the [UN] General Assembly” during the two-year negotiation of the Sustainable Development Goals. Another way China exercises influence within the UN Secretariat is
Taiwan’s first drag queen to compete on the internationally acclaimed RuPaul’s Drag Race, Nymphia Wind (妮妃雅), was on Friday crowned the “Next Drag Superstar.” Dressed in a sparkling banana dress, Nymphia Wind swept onto the stage for the final, and stole the show. “Taiwan this is for you,” she said right after show host RuPaul announced her as the winner. “To those who feel like they don’t belong, just remember to live fearlessly and to live their truth,” she said on stage. One of the frontrunners for the past 15 episodes, the 28-year-old breezed through to the final after weeks of showcasing her unique