A security firm has found a flaw in Windows Vista that could allow rootkits to be hidden in the OS or a denial-of-service attack to be launched.
The vulnerability was found by Austrian security company Phion, which discovered the vulnerability last month. Microsoft has been informed about the threat, but so far has not announced any plans to fix it.
No attacks are said to have been made using the vulnerability yet, which is said to be linked to the network input/output subsystem of Vista.
Certain requests sent to the iphlpapi.dll API can cause a buffer overflow that corrupts the Vista kernel memory. This buffer overflow could be exploited to inject malicious code, says Phion. Rootkits are programs that can be hidden in an OS, and can be used to remotely spread malware in the system by hackers.