Anilrgowda

VULNERABILITIES in Windows Vista will plague users in coming months and years, a prominent security researcher warns, despite its security improvements over predecessor XP.
Security bug-hunters are now turning their attention to the new platform and users should not expect Vista to be immune to attack, said Marc Maiffret, founder and chief hacking officer of eEye Digital Security.
"I don't think it's a huge leap forward," he says. "Here we are a few weeks after Vista's been released to retail and there's already been five or six different Vista-specific vulnerabilities."
Last week eEye discovered a vulnerability in Microsoft's Office 2007 software which it claims can be exploited in Vista.
But Mr Maiffret does not blame the software giant for the mismatch between the market's expectations about Vista's security and the less palatable reality. "There's no other software company that does more to secure their code than Microsoft," Mr Maiffret says. "It's weird to me that a lot of people think there should be this thing that we reach at some point where the operating system is impenetrable... I don't think that is ever going to happen."
Matt Thomlinson, Microsoft's senior director of security engineering, says Vista is a vast improvement on XP. He highlights the system's handling of system memory as a big step forward.
Protective measures that detect the abuse of a computer's memory by an attacker have been written into the operating system, and Vista's processes are now loaded randomly into memory for security purposes.
By randomly placing system files into memory while booting, the operating system is harder to attack, he says.
Some digital attacks require the perpetrator to know precisely where certain processes are located in memory. By randomising the layout of the operating system in a computer's memory, Mr Thomlinson hopes Vista will sidestep an entire class of attacks.
"The idea here is . . . we want our customers to get the advantage of natural variation. Every Windows box looks just a little bit different to an attacker," he says. "So if somebody is writing (attack code) and they're depending on something being in a certain place, it's not going to work, or it will only work one half of 1 per cent of the time."
Chris Spencer, Australian vulnerability researcher and organiser of the Sydney-based Ruxcon security conference, is more upbeat than Mr Maiffret when assessing the improvements to Windows. "The heap management system's been improved, so it's going to be a lot harder to exploit vulnerabilities," he says. "Not impossible, but a lot harder."
Like Mr Maiffret, Mr Spencer predicts bugs will still be found in the operating system, but hackers and researchers like himself will have to work much harder to transform security glitches into meaningful attacks. "It's going to be a massive improvement," he says.
Hear more of Patrick Gray's interview with Marc Maiffret on his podcast at www.itradio.com.au/security.


Source:Vista still vulnerable - Security - Technology - smh.com.au