Symantec Continues Windows Vista Bug Hunt July 26, 2006Posted by rjdohnert in Uncategorized.
After poking around the Windows Vista networking stack, Symantec researchers have tried out privilege-escalation attacks on an early version of the Windows XP successor. In a second report on Vista, Symantec takes on a security feature called User Account Control (UAC), in the operating system. The feature runs a Vista PC with fewer user privileges to prevent malicious code from being able to do as much damage as on a PC running in administrator mode, a typical setting on Windows XP.
"We discovered a number of implementation flaws that continued to allow a full machine compromise to occur," Matthew Conover, principal security researcher at Symantec, wrote in the report titled "Attacks against Windows Vista’s Security Model." The report was made available to Symantec customers last week and is scheduled for public release sometime before Vista ships, a Symantec representative said Monday.
My Thoughts; Symantec once beofre poked around in the networking code in Windoows Vista and pointed out things that Microsoft had already fixed in Windows Vista Beta 2. The end of the article says it all. Symantecs spokeswoman Pamela Reese made the statement "However, Symantec feels that customers are safer if they can exercise their choice to use the security capabilities offered by Symantec and others," Symantec in my opinion is pissed and fighting back because Microsoft has entered their markets. I cant wait for the new reports though, Im sure they are excellent works of fiction.