Vista buffer-overflow vulnerabilities exposed
Microsoft Corp.'s Vista operating system might well be Redmond's most secure client operating environment to date, but that doesn't—and couldn't—mean Vista is completely unassailable.
Security researchers have already identified a potential Speech Recognition exploit in Vista, for example, and last week another new vulnerability came to the fore—in this case, one which targets third-party software running on Vista. While the new exploit doesn't actually stem from a flaw in Vista itself, it does illustrate that Vista, even with next-gen features such as its user access control (UAC) technology, is nonetheless pregnable.
[ Read more ]