A security firm has found a flaw in Windows Vista that could allow
rootkits to be hidden in the
OS or a denial-of-service attack to be launched.
The vulnerability was discovered last month by Austrian security
company Phion. Microsoft has been
informed about the threat, but so far has not announced any plans
to fix it.
No attacks using the vulnerability are said to have been made
yet. The flaw is said to be linked to the network input/output
subsystem of Vista.
Certain requests sent to the iphlpapi.dll API can cause a buffer
overflow that corrupts the Vista kernel memory. This buffer
overflow could be exploited to inject malicious code, says Phion.
Rootkits are programs that can be hidden in an OS, and can be used
by hackers to remotely spread malware in the system.