Microsoft Windows Vista proves ‘pushover for Internet hackers’

“The brand spanking-new Windows operating system called Vista – billed as ‘the most secure version of Windows yet’ on the Microsoft Web site – has proven a pushover for Internet hackers,” The New York Daily News reports.

“Microsoft has acknowledged Vista has a flaw that could allow users to increase their access level to administrator, a problem first posted by a Russian hacker,” The Daily News reports.

“A flaw was also found in Microsoft’s new Internet Explorer 7 that could download viruses from a booby-trapped Web page. That flaw and five others were reported by Determina, a Silicon Valley computer security company,” The Daily News reports.

“News of the IE7 flaw and the hacker postings is a black eye for Bill Gates and Microsoft – and for the thousands of PC makers who will begin selling their computers next month with Vista,” The Daily News reports. “Vista’s big selling points, besides its supposed safety and security, are its stunning 3D graphics that many critics argue is simply an attempt – and a bad one at that – to match what Apple has had for years on the Macintosh.”

Full article here.

John Markoff reports for The New York Times, “Microsoft is facing an early crisis of confidence in the quality of its Windows Vista operating system as computer security researchers and hackers have begun to find potentially serious flaws in the system that was released to corporate customers late last month.”

Markoff reports, “On Dec. 15, a Russian programmer posted a description of a flaw that makes it possible to increase a person’s privileges on all of the company’s recent operating systems, including Vista.”

“Over the weekend a Silicon Valley computer security firm said it had notified Microsoft that it had also found that flaw, as well as five other vulnerabilities, including one serious error in the software code underlying the company’s new Internet Explorer 7 browser,” Markoff reports. “The browser flaw is particularly troubling because it potentially means that Web users can become infected with malicious software simply by visiting a booby-trapped site. That would make it possible for an attacker to inject rogue software into the Vista-based computer…”

Full article here.

42 Comments

  1. Windows Vista’s design is flawed. No matter how many times it is patched, it will still be flawed “by design.” The only way Microsoft can fix the problem is to dump Windows and start with something new (or “old” as Apple did when it dumped Mac OS 9 for a Unix-based system).

    Those who attempt to equate Mac OS X security to Windows insecurity are wrong. The safety through obscurity myth is obviously wrong. Windows Vista is currently only released to corporate customers, and already there are numerous serious security issues and flaws. Mac OS X has been out there for five plus years with tens of millions of users, and there has not been a single piece of malware that has caused loss or damage. All we see are lame “concept” malware and “warnings” about vulnerabilities without any demonstrated exploits. Real world evidence suggests Mac users are safe and secure (and can get their work done without constant worry), while Windows users must buy, install, and update security software as a way of life. I use a Windows XP laptop for work, and my mental attitude when I use my “PC” versus Mac is completely different.

  2. Learned a long time ago that software has a life span. At some time you need to start over. When you put bandages on bandages, you get a flawed product.

    Basically, didn’t they take Windows Server 2003 as the base OS engine for Vista, when they finally could not get the builds of Longhorn to work?

    They either build on a good foundation or that blvd going to sink!

  3. MacMania, Zeke: I’ve been living on this planet for rather longer than you have, apparently. UNIX’s reputation for security comes from it being continually compared to Windows, which is a very low bar, indeed.

    UNIX was intended for use within Bell Labs, which was hardly a hostile environment. It embodies several fundamental design mistakes, the worst of which are the “setuid” bit, and the existence of a “root” account.

    Read and learn:

    http://andercheran.aiind.upv.es/toni/unix/index_en.html

    And if you want to know what a system that really is designed for security looks like, google for KeyKOS and Coyotos for two examples.

    -jcr

  4. “What planet have you been living on? You really should learn something about Unix and its history before you make ignorant statements like the one above.”

    It’s you who’s ignorant. If you can’t break a Unix box with a small amount of trying, you’re not trying hard enough.

    Unix has had its share of problems over the years, and has gone from being trivial to break in the 60’s, 70’s, 80’s and 90’s to somewhat tougher now.
