New Vista Exploit

The first exploit released since Windows Vista was completed has been released, according to a confirmation by Microsoft Security Response Center head Mike Reavey. The vulnerability corrupts Windows' MessageBox protocol to raise system privileges, potentially allowing far greater control over a system than allowed by default.

Although the exploit is currently limited to a proof of concept released on a Russian forum and demands that the hacker already have administrative access, it has already garnered attention for challenging Microsoft's claim that Vista is more secure than its predecessors. The attack is known to work across multiple versions of Windows -- including Windows 2000, Reavey says. Microsoft does not believe the threat to be serious but promises to closely follow any attempts to use it in the wild.

By Electronista Staff