Roy Schestowitz wrote:
visit http://colatrolls.blogspot.com on Saturday
Roy Schestowitz wrote:
eEye Research
,----[ Quote ]
| Description:
| A flaw exists within Windows Vista that allows local privilege
| escalation to SYSTEM.
|
| Operating Systems Affected:
| Microsoft Windows Vista
`----
http://research.eeye.com/html/advisories/upcoming/20070119a.html
How much new code is in vista? Millions of lines of code. I have no
doubt that many of the XP exploits will no longer work in vista. I
also have no doubt that there are thousands of new exploits in vista.
Windows SW is so full of inter-dependancies that it will always be
full of exploits. vista will just have thousands of new ones.
Microsoft security is an oxymoron as opposed to those that troll cola
on Microsoft's behalf are merely morons.
<SNIP>
Most security tools not quite ready for Vista
,----[ Quote ]
| "The absence of security software from the major vendors will
| be another reason why business will not migrate to Vista right
| away," said Natalie Lambert, an analyst at Forrester Research.
| That's in addition to the lack of support for Vista in general
| applications, which are the tools businesses need to run their
| operations, she noted.
`----
http://news.zdnet.com/2100-1009_22-6139808.html
<SNIP>
Attackers end-run around IE security
,----[ Quote ]
| The vulnerability underscores that the improvements in security in the
| latest version of Microsoft's browser, Internet Explorer 7, do not
| eliminate the threats of older components of Windows, said Gunter
| Ollmann, director of IBM Internet Security Systems' X-Force
| vulnerability research team.
|
| [...]
|
| Online criminals frequently use flaws in ActiveX to install malicious
| code on victims' PCs via their browsers. One tool - known as WebAttacker
| and sold from a Russian website for about $20 - has had great success
| in compromising the security of victims' computers.
`----
http://www.theregister.co.uk/2006/11/08/ie_security_analysis/
Roy, you said a mouthful with all those links, all revealing. This
particular one I found of interest. Would not one expect that OneCare
software solution with a mega company like Microsoft, to have the
highest ratings with their software, especially with the talent they
hired? I would have expected it to be within the top 5.
Not only are there business concerns. What I find of interest is the
gamers, who have always been interested in exploiting the latest
technologies. There doesn't seem to be the enthusiasm that has
accompanied previous releases.
These areas are opportunities in which Linux outshines the competition.
--
Cheers, Rafael
http://www.faqs.org/faqs/linux/advocacy/faq-and-primer/
http://www.hyphenologist.co.uk/killfile/anti_troll_faq.htm
|
|
