BlackBerry Advisor BlackBerry reviews Win a BlackBerry

Expert Advice You Can Trust

News19,135 Articles

November 20, 2008

Security warning for Windows Vista users

Microsoft to patch Vista in next service pack

Jeremy Kirk

An Austrian security vendor has found a vulnerability in Windows Vista that it says could possibly allow an attacker to run unauthorised code on a PC.

The problem is rooted in the Device IO Control, which handles internal device communication. Researchers at Phion have found two different ways to cause a buffer overflow that could corrupt the memory of the operating system's kernel.

In one of the scenarios, a person would already have to have administrative rights to the PC. In general, vulnerabilities that require that level of access somewhat undermine the risk since the attacker already has permission to use to the PC.

But it may be possible to trigger the buffer overflow without administrative rights, said Thomas Unterleitner, Phion's director of endpoint security software.

The vulnerability could allow a hacker to install a rootkit, a small piece of malicious software that is very difficult to detect and remove from a computer, Unterleitner said.

Phion notified Microsoft about the problem on October 22. Microsoft indicated to Phion that it would issue a patch with Vista's next service pack. Microsoft released a beta version of Vista's second service pack to testers last month. Vista's Service Pack 2 is due for release by June 2009.

Unterleitner said there has been lots of interest in the vulnerability. "We have received requests for detailed information on how to take advantage of this exploit from all over the world," he said.

Microsoft officials contacted in London did not have an immediate comment.

Windows Vista review

Microsoft news

See Security Advisor for more PC security news, reviews and tutorials

Free whitepaper: Is social networking really bad for business?

<<newer story | back to index | older story>>

Submit to:Digg Slashdot Del.icio.us Reddit

What is this?

Subscribe to PC Advisor now and claim your FREE gift

• FREE email newsletters. Get news, reviews and features straight to your inbox
• For videos of the latest products, visit PC Advisor TV
• Sign up for RSS to get the latest news and reviews, direct to your desktop
• Get PC Advisor news, reviews and blogs on your website for free

Keep up to date by adding PC Advisor News to your iGoogle home page or Google Reader

Question of the day!

Does your smartphone replace your need for a laptop when on the move?

Question of the day!

Does your smartphone replace your need for a laptop when on the move?

% of PC Advisor readers agree with you

Yes

TBC

No

TBC

What tasks can your smartphone do that would have traditionally been done on a laptop?

Tweet your answer here...

119 characters remaining

Follow the conversation at @SmartphoneFocus

web browsing, search facilities, voip, email, word processing everything RT @Graham_D_C

Mainly email but getting better at spreadsheets etc, RT @IDGdan

Search the web

Search reviews

Search news

Search blogs

best broadband deals

All packages Broadband bundles Broadband only

by Broadband Choices

Recent reviews

• Malwarebytes' Anti-Malware Free review
• Kodak ESP 5250 review
• Fujitsu LifeBook T4410 review
• Kodak ESP 3250 review
• Lenovo ThinkCentre A70z review
• Microsoft SideWinder X4 review
• Sony BDP-S360 review
• Acer Liquid review
• LaCie Sound2 review
• ASUS U50Vg review

Reviews index

Latest reader comments

• Bizzo. How can you HATE them if you don't use them? Surely it makes no difference that they're...
• I hate Facebook and Social networking sites. I mean, whats the actual point ? everyone who i...
• I sure do not need 1,000 characters to say that FB pisses me off. No consultation, no "would you...
• Hi Dave, Yes! apple are only doing EXACTLY THE SAME as Microsoft have done for years & years....
• yeah i agree with one of the other users on here...where's the WIN7 or Linux....would be sweeet...

Latest reader comments

Top news

• ComScore: 2009 social networking stats
• Bing boings but Google grows
• Microsoft, Google join MediaTek to boost emerging market sales
• Samsung & LG to show social networking phones
• Google adds Nexus One phone support

News index

Latest blog entries

• Smartphone blogs: best apps, best phones, best freeware
• Smartphone focus: Twitter - will Apple, Google dislodge BlackBerry?
• Google plots instant translator for smartphone
• Free and friendly Windows security software? What's the catch?
• Google Books: time for a rethink?

Blogs index

 Our RSS feeds

Sponsored Content

• Take the internet to new places with the Nokia N800
  Communicate how you want to, where you want to with instant messaging, email and internet calling. View movies, browse the internet wirelessly and watch TV on the high-resolution screen and listen through high-quality stereo speakers with headphone jack.
  Buy now

Latest technology news:

• British Library to offer 65,000 free ebooks in Amazon deal
• More companies look to virtualisation says Citrix
• Antivirus programs fail to stop new malware
• NASA's Endeavour blasts off on last mission to space station
• Toyota in Prius global recall after braking software fault

Sponsored links

• New - BlackBerry Advisor Get hands-on with our exclusive Virtual BlackBerry handset and check out the latest reviews of BlackBerry smartphones and software.

• Crucial Memory Upgrades Go to Crucial.com and use either our Memory Advisor Tool or System Scanner to find a 100% compatible memory upgrade for your system, from the Best Memory Manufacturer of 2008! We offer free delivery, free technical support, and lifetime warranty.

• Award-winning Spyware Doctor with AntiVirus 2010 delivers powerful antivirus and antispyware protection using layered technologies to defend your PC. Download now for a free scan! Discover how our award-winning ThreatFire™ Behavioural Intelligence blocks new threats faster than traditional signature methods.

• PC Advisor Smartphone Focus Latest news and resources on how smartphones are facilitating mobile and flexible working in the enterprise. Find out more and join the discussion here.

• Custom built PCs Visit our website to see our full range of custom-built PCs. Customise any specification and have the order dispatched the next working day. A massive range of PCs - from £250 to £1,000-plus - and a full list of low-cost components are available.

• Free whitepaper Legal risks of uncontrolled email and web use.

• Free whitepaper Is social networking really bad for business?

• Free whitepaper Phishing for victims: Truth, myth and cybercrime.

• Free whitepaper Threat predictions, messaging security issues and trends for 2010.

• Free whitepaper Email archiving: Top 10 myths and challenges.

• Free whitepaper Managing email: Exploring common email management challenges (and how to overcome them).

CIO – Analysis | Opinion | Latest UK IT News | UK Tech News | In Depth | Security | Storage | Outsourcing | Database management | Business strategy | Enterprise software | CIO 100 Companies – Top Users of IT in the UK

ComputerworldUK.com – IT management news and opinion | Computing news | IT and Management | ICT and technology | IT career development & HR | Managing IT infrastructure | Business intelligence | IT whitepapers and research

Digital Arts – the future of Digital Design | Design news | Creative technology reviews | Graphic design tutorials | Animation and video projects | 3D, web and video forums | Design industry blogs

Macworld - Apple news and reviews | Mac Pro & MacBook reviews | Mac OS X and software | iPod, iTunes news and reviews | Professional design, music and video | Digital lifestyle - iLife and photography | Mac business applications | Mac educational computing

MacVideo – the ultimate resource for video on the Mac | Video Editing | Camera Technology | DVD Authoring | Video Encoding | Motion Graphics and VFX

Techworld - IT infrastructure & networking news and reviews | VOIP | Data storage | Network Security | Wireless Network | Network Monitoring | Operating systems and servers | Enterprise computing topic pages | Virtualisation

PC World | PC Welt | PC World Australia | PC World Norway | PC World Poland | PC World France