informa
/
Attacks/Breaches
News

SkyRecon IDs New Microsoft Vista Vulnerability

SkyRecon research team provides information leading to patch of Vista flaw

SAN JOSE, Calif. -- SkyRecon Systems, the premier provider of unified endpoint security solutions, today announced that its research team uncovered an elevation of privilege vulnerability CVE-2007-5350 in the Microsoft® Windows® Vista™ operating system.

"Windows Vista includes many new enhancements and features which improve the overall operating system security," said Thomas Garnier, Senior Research Engineer at SkyRecon Systems, Inc. "During our ongoing research in the Windows Vista kernel and the ALPC interface, we found an important vulnerability which could be used to gain privilege and then execute code in the Vista kernel."

Affecting the kernel in both the 32-bit and 64-bit versions of Windows Vista, the identified vulnerability could allow an attacker to take complete control of the affected system. The attacker could use their increased privileges to install programs; view, modify, erase, or remove data; or even create new accounts that possess full administrative rights to the system, applications, and data.

More information regarding the vulnerability and Microsoft Security Bulletin can be found at:

Microsoft Security Bulletin MS07-066 - Important Vulnerability

"Vulnerability research is a critical component in designing generic, effective, and efficient layers of protection," said Yann Torrent, Director of Research and Development at SkyRecon Systems, Inc. "At SkyRecon Systems, our research team aims to understand each Windows component in order to identify possible threats such that comprehensive protections can be built within our unified endpoint protection solution."

SkyRecon Systems

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5