The Month: Symantec reports weaknesses in Windows Vista | SC Media

The Month: Symantec reports weaknesses in Windows Vista

September 4, 2006

Symantec has reported a number of vulnerabilities in Windows Vista in its third report on the new OS. Although the two companies are partners, Symantec is now in direct competition with Microsoft following the latter's move into the anti-virus space.

Matthew Conover, principal security researcher at Symantec, said in thereport that although the overall security of the OS kernel has increaseddramatically over XP, "we have identified certain weaknesses in thekernel enhancements that may be leveraged by malicious code to underminethese improvements".

Conover claims the PatchGuard feature, which checks the integrity of keyparts of the kernel code, can be disabled. His other concern is thatattackers could force dangerous unsigned driver software to run bypatching core OS files. The same feature has already been attacked bysecurity researchers at Black Hat.

Microsoft says the report, "Assessment of Windows Vista Kernel-ModeSecurity", which focuses on build 5365 of Vista, a 64-bit versionreleased in April, is old news, as most of the issues have been dealtwith in later versions. Vista is the company's successor OS to XP, andis set to go on general release in January.

prestitial ad