USNCVA - Now Read This

NOW READ THIS
("Security Advisory")

Go Back

Submitted by: Bill Hickey
NCVA List Master

NRT-0072 VISTA Firewall Easily Tricked:

A researcher at Symantec Corporation says Windows VISTA's firewall can easily be subverted because of design decisions made by Microsoft. A Symantec security response team member who authored a study released this week on how well VISTA stands up to current malware, took the new operating system's firewall to task today in a blog. The problem is that while VISTA's firewall blocks all third-party and untrusted network traffic unless the user clicks the "unblock" button, it's not hard for attackers to code their malware so that the software surreptitiously clicks the button. The SendMessage API call can be used to automate that function. Microsoft could have guaranteed that only a click by a real live user would unblock the firewall for an application requesting Internet access. They could have coded it so only an interactive user could click the button. Microsoft officials could not be reached for comment.

(ComputerWorld 02MAR07)

Last Modified: Tuesday, 06-Mar-2007 16:59:14 EST

NOW READ THIS ("Security Advisory")

NRT-0072 VISTA Firewall Easily Tricked:

NOW READ THIS
("Security Advisory")