It looks like the reports of a Vista vulnerability are correct. On Microsft’s Security Response blog, Mike acknowledges that there is a Windows Vista problem that they are investigating and are confident it will be fixed.
The same flaw is also a problem for Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2 users. However, it does not appear to be a tremendous flaw, although it should still be monitored closely.
In fact, Secunia rates it as “less critical.” In order to be exploited, a target user would have to be logged onto the machine already or have found a backdoor into the network. Once the attacker gained access, a rootkit could be placed on the machine without any leaving any “footprints.”
We will keep you posted on this one, especially since it is for Vista. Microsoft still insists that Vista will be a huge leap in security and they are probably correct. Can you imagine how many hackers have been probing Vista since its release? Probably every hacker on the planet! To date, this is the best that they have? That is probably a pretty good vote of confidence for Vista (as long as you don’t mind Microsoft controlling the quality of your video display :|).