After “uncovering” vulnerabilities in the network technology of Windows Vista, Symantec continues to “escalate” the battle by revealing a new flaw within Microsoft’s latest operating system.
This time, the spotlight is on a security feature called User Account Control (UAC). This feature limits the privileges of Vista computer users, preventing malware from wreaking havoc as it could in admin mode.
However, according to Matthew Conover, a leading expert at Symantec, the company has discovered several vulnerabilities in UAC that allow a computer to be compromised easily. Working from a Vista preview from February, Conover described how hackers could infiltrate and gain control over a Vista machine running Internet Explorer 7.
Source: CNET
First, the attacker plants a malicious file on the Vista computer after tricking the user into visiting a malicious website. Subsequently, this malware seeks to escalate its privileges, ultimately allowing the hacker full control over the system.
Meanwhile, Microsoft maintains that they have addressed nearly all the issues identified by Symantec. The company emphasizes that vulnerabilities found in the test versions do not accurately reflect the quality and operation of the UAC feature in the final release.
Furthermore, Microsoft stated that Symantec experts conducted their attacks assuming users logged in with admin accounts, a mode that Microsoft does not encourage. Instead, the software giant recommends that users utilize standard accounts and only enter admin passwords when installing new software.
Microsoft has heavily marketed Vista as the safest operating system to date, with UAC and IE7 seen as key components contributing to this robust defense.
The report on UAC is the second in a series of three that Symantec plans to publish regarding Windows Vista. The first report focused on vulnerabilities in Vista’s network technology, while the final report is expected to be released this week, targeting the kernel core.
Once close allies, the relationship between Symantec and Microsoft is deteriorating as Microsoft decides to enter the security arena. It’s easy to understand why Symantec is particularly critical of Microsoft’s products.
However, “shouting” about vulnerabilities in an unreleased operating system serves no useful purpose, commented analyst John Pescatore of Gartner. It may only serve to promote and market Symantec itself. “They want to sell desktop security software even when Vista launches,” speculated Pescatore.
Moreover, whenever new vulnerabilities are discovered, security firms always benefit in terms of publicity. “Could users find them more trustworthy?”
Thien Y