Friday, December 22, 2006

Microsoft Acknowledges Vista vulnerability

Jeremy Kirk writes on InfoWorld:

A vulnerability that affects four of Microsoft's operating systems, including Vista, doesn't appear to pose a great risk, says one security vendor.

Microsoft's security blog said proof-of-concept code has been publicly released that targets the Client-Server Runtime Subsystem (CSRSS), which performs functions such as launching and closing applications.

A user could launch malicious code within the CSRSS that would elevate their privileges on a computer, such as going from an ordinary user to an administrator, said Thomas Kristensen, chief technology officer for Secunia AsP in Denmark.

More here.

0 Comments:

Post a Comment

<< Home