I’m really hoping this story I read this morning from Linux and Open Source Blog is true, about Russian hackers finding method to escalate a user’s privileges in Windows Vista. It is something like this that make it’s quite obvious that over-hyping and marking the security of a product doesn’t make the product more secure. Of course I could get into every single argument under the sun about the security pros and cons of both proprietary and open source software, but I think events such as this speak for themselves. Unfortunately there are no references in the article, so I’m not completely holding my breath on the validity of it’s claims until I see some…
On Linux and Open Source Blog:
Russian hackers posted instructions to an underground forum describing how to implement “privilege escalation,” which could bypass some Vista security measures. This hack could escalate the “privileges” of a normal Vista user into that of a “superuser,” allowing him to change anything he desired on the system. This would be particularly dangerous in a corporate environment where normal computer users have limited privileges, in that they cannot install programs, visit certain Web sites, etc. This threat is considered so serious that Microsoft has scrambled its “Security Response Center,” which is ostensibly still trying to figure out what to do.
Hmm … “the most secure version of Windows yet” … nah.