Page 1 of 1

Kernel vulnerability found in Vista

Posted: Mon Nov 24, 2008 12:50 pm
by J.Byrne
"A flaw has been found in Windows Vista that could allow rootkits to be hidden or denial-of-service attacks to be executed on computers using the operating system.

The vulnerability was found by Thomas Unterleitner of Austrian security company Phion and was announced Friday. Unterleitner told ZDNet UK on Friday that Phion told Microsoft about the flaw in October but that he understood a fix would only be issued in the next Vista service pack.

According to Unterleitner's disclosure of the flaw, the issue lies in the network input/output subsystem of Vista. Certain requests sent to the iphlpapi.dll API can cause a buffer overflow that corrupts the Vista kernel memory, resulting in a blue-screen-of-death crash." ... 7-1_3-0-20

Posted: Mon Nov 24, 2008 2:39 pm
by The Distractor
You can bet anything that PoS and source code will appear on milw0rm within the coming weeks ...