Real Geek Forums > Archives > Operating Systems > Windows Vista > Windows Vista Security > New Vista Security Flaws - Should we be concerned?

New Vista Security Flaws - Should we be concerned?

Posted: 02-06-2007, 10:00 PM
Roscoe
Guest
Posts: n/a
 
Should we be concerned about two more dangerous exploits/security flaws
uncovered by “Long” and “Zheng” (two Swedish security experts using these
names to hide their identity from Microsoft)?:

"The first exploit is a bug inside the keyboard and mouse subsystem which
enables the targeted system to be hijacked and maliciously delete files,
folders, music, torrents and other important sounding stuff without the user’s
authorization or control.

Details of how such an exploit works are sketchy, but leaked documents
reveal the keyboard and mouse APIs offers unprecedented amount of control
over an operating system, allowing anyone and everyone to have full access
to your computer with or without your authorization. This exploit allows
anyone ranging from younger siblings to gang leaders who could use brute
force, such as a punch or tickle, to gain access to your keyboard and mouse
cursors and perform malicious activities such as browsing The Inquirer or
deleting vital fraudulent financial documents.

A second exploit highlights a serious flaw inside the popular
Windows-platform development tool, Visual Studio. An undocumented feature
inside this software is said to enable the ability for malicious users to
compile and execute unsigned and potentially damaging source code. If users
somehow come across malicious source code and decide to copy, paste, compile
and execute within Visual Studio, the resulting application could change
wallpapers, block access to YouTube, increase the volume and other serious
irreversible damages to the computer system."

Reply With Quote

Responses to "New Vista Security Flaws - Should we be concerned?"

Mark Burnett
Guest
Posts: n/a
 
Re: New Vista Security Flaws - Should we be concerned?
Posted: 02-06-2007, 10:44 PM
> This exploit allows anyone ranging from younger siblings to gang leaders
> who could use brute force, such as a punch or tickle, to gain access to
> your keyboard and mouse
Read it again, its a joke.



Reply With Quote
akita
Guest
Posts: n/a
 
Re: New Vista Security Flaws - Should we be concerned?
Posted: 02-07-2007, 12:55 AM
"Mark Burnett" wrote:
> Read it again, its a joke.
Sorry Mark, but NO, it ain't a joke! Read here:

http://www.istartedsomething.com/200...vista-exploits
Reply With Quote
Mark Burnett
Guest
Posts: n/a
 
Re: New Vista Security Flaws - Should we be concerned?
Posted: 02-07-2007, 01:13 AM
> Sorry Mark, but NO, it ain't a joke! Read here:
>
> http://www.istartedsomething.com/200...vista-exploits
Haha, just because it has a url doesn't mean its not a joke.

Vulnerability one:
- Vista allows someone to hijack a computer due to a flaw in the "keyboard
and mouse subsystem"
- "This exploit allows anyone...who could use brute force, such as a punch
or tickle, to gain access to your keyboard

Vulnerability two:
- Visual Studio allows malicious users to "compile and execute unsigned and
potentially damaging source code"
- "If users somehow come across malicious source code and decide to copy,
paste, compile and execute within Visual Studio, the resulting application
could change wallpapers, block access to YouTube, increase the volume and
other serious irreversible damages to the computer system."

and also:

"Next week, keep an eye out for the exclusive report on why Solitaire is a
fire hazard. How the end-game fireworks might burn down your operating
system."

etc.




Reply With Quote
Jesper
Guest
Posts: n/a
 
Re: New Vista Security Flaws - Should we be concerned?
Posted: 02-08-2007, 07:07 AM
"Mark Burnett" wrote:
> > Sorry Mark, but NO, it ain't a joke! Read here:
> >
> > http://www.istartedsomething.com/200...vista-exploits
>
> Haha, just because it has a url doesn't mean its not a joke.
Watch for your favority security vendor to publish Intrusion Prevention
System signatures soon to protect you against these types of glaring issues.
I heard the leading analyst organizations are preparing statements to warn
people too.

Reply With Quote
Dennis Pack
Guest
Posts: n/a
 
Re: New Vista Security Flaws - Should we be concerned?
Posted: 02-08-2007, 03:43 PM
Jesper:
Hopefully there will be a better tool. The only tool that's been
able to control the loose nut behind this keyboard is to turn the computer
off. Have a great day.

--
Dennis Pack
XP x64, Vista Enterprise x64
Office2007
"Jesper" <Jesper@discussions.microsoft.com> wrote in message
news:5E712D63-9DC7-48F1-9371-DC170BEB67A2@microsoft.com...
> "Mark Burnett" wrote:
>
>> > Sorry Mark, but NO, it ain't a joke! Read here:
>> >
>> > http://www.istartedsomething.com/200...vista-exploits
>>
>> Haha, just because it has a url doesn't mean its not a joke.
>
> Watch for your favority security vendor to publish Intrusion Prevention
> System signatures soon to protect you against these types of glaring
> issues.
> I heard the leading analyst organizations are preparing statements to warn
> people too.
>
Reply With Quote
Kevin Spencer
Guest
Posts: n/a
 
Re: New Vista Security Flaws - Should we be concerned?
Posted: 02-08-2007, 04:06 PM
In fact, I understand the leading keyboard manufacturers are working on some
safegurads - childproof keyboard covers and fingerprint-sensitive mice.

--

Kevin Spencer
Microsoft MVP
Software Composer
http://unclechutney.blogspot.com

The shortest distance between 2 points is a curve.

"Jesper" <Jesper@discussions.microsoft.com> wrote in message
news:5E712D63-9DC7-48F1-9371-DC170BEB67A2@microsoft.com...
> "Mark Burnett" wrote:
>
>> > Sorry Mark, but NO, it ain't a joke! Read here:
>> >
>> > http://www.istartedsomething.com/200...vista-exploits
>>
>> Haha, just because it has a url doesn't mean its not a joke.
>
> Watch for your favority security vendor to publish Intrusion Prevention
> System signatures soon to protect you against these types of glaring
> issues.
> I heard the leading analyst organizations are preparing statements to warn
> people too.
>

Reply With Quote
 
LinkBack Thread Tools Display Modes
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
VISTA SECURITY R. A. Pazderski Windows Vista Security 32 02-02-2008 12:57 PM
Search Function flaws? sherlock Windows Vista File Management 3 03-21-2007 06:09 AM
Vista Security Vulnerabilities showing in Security scan PA Bear Windows Vista Security 3 12-21-2006 05:03 PM
Security in Vista Business vs. Vista Ultimate Jeff Lynch [MVP] Windows Vista Security 4 12-15-2006 09:48 AM
Some MAJOR backups flaws audio Windows Vista Performance & Maintenance 0 09-09-2006 06:16 PM