Windows Vista and Internet Explorer security flaw exposed
By Triston McIntyre
For those of you that were convinced Vista was the fool-proof operating system of the future, be prepared for a system shock: Microsoft has found a security issue in both Vista and the new Internet Explorer 7!
Wait; before you start re-evaluating your life’s meaning, know that Microsoft does not consider the bug to be “high-risk.”
It seems that for whatever reason, hackers have been applying themselves in an attempt to exploit security flaws in Vista’s new defenses, and have succeeded.
The problem lies in a component that is not correctly validating identities, which means that hapless users may have their private information, like credit card numbers, passwords, and social security numbers “phished“, or fraudulently taken.
To take advantage of the vulnerability hackers would need phyiscal access to the Vista PC to gain access to information in protected files. According to Microsoft, they may not actually be able to open the file itself, though they would be able to view the file information.
To make matters worse, the French Security Incident Response Team, who alerted Microsoft to the problem, said not only Vista users are susceptible to such attacks; the loophole could be exploited in Windows XP, 2000, and Server 2003 as well.
Microsoft says the best way to avoid such phishing is to simply open up a new Internet Explorer page every time you visit an untrusted web page.
No problem Bill, we will, in the interest of safety, open up a new instance of Internet Explorer every time we aren’t visiting one of our trusted websites.
Microsoft is expected to release a fix in one of its monthly patch updates soon.
Related:
Stumble It!
Entry was posted
on Monday, February 26th, 2007 at 7:02 pm
under 
Print This Post
Read more entries by Triston McIntyre.
