Unterleitner Thomas, an employee of the publisher phion Austrian security, said he discovered a vulnerability in the TCP / IP Windows Vista operating system that could allow the execution of type attacks buffer overflow or overrun buffer. He explains that he informed Microsoft of the existence of this vulnerability in late October, and affirms that the publisher did not intend to make the necessary corrections before the release of Service Pack 2, or SP2, Windows Vista, that 'expectations for the first half of 2009.
According to security bulletin published on November 20 by phion, the existence of this vulnerability has been found in 32 editions and 64-bit Windows Vista Enterprise and Ultimate, and SP1 would not change the situation. According Unterleitner, some queries using the library Iphlpapi.dll could cause a buffer in the memory used by the kernel, and cause the system crash, resulting in the appearance of the famous BSOD (Blue Screen of the Death). Eventually, it can be assumed that this buffer overflow allows the injection of code in system memory, and therefore encourages the remote control of the machine.
To exploit this flaw, however, it is that the attacker has - or ownership - the rights administrators on the machine on the network, puts the researcher, however, that evokes the possibility of bypassing this protection through a package DHCP specially designed. In the end, despite the existence of a vulnerability, the risks are fairly low, which probably explains why Microsoft has not - at least for now - include the vulnerability in its program of updates December.
Reply With Quote
Bookmarks