NEW YORK: Microsoft Corp.'s new operating system Vista that was released to corporate customers in November has more flaws and vulnerabilities, it came to light Monday.
According to a recent posting by a Russian programmer, it is possible to enhance the user's privileges on all the operating systems introduced by the company recently, including Vista.
The posting talked about the privileges of a standard user account in Vista and other versions of Windows that can be increased, allowing control of all of the operations of the computer. In Windows systems, users are governed by restrictions on functions depending on their privileges and only certain administrative accounts have the complete power.
A leading security firm confirmed it had identified this flaw in Vista as well as several other vulnerabilities, including a serious threat perception involving the Internet Explorer 7 browser. According to the firm, a user using the browser could be infected with malicious software simply by visiting certain websites which have planted such software. This leads to the attackers infecting the computer using the Vista OS.
Microsoft said it is closely monitoring the vulnerability described by the Russian programmer. Mike Reavey, operations manager of the Microsoft Security Response Center, said currently there is no public exploitation of attack activity is noticed with regard to the flaw. He maintained while this could be a vulnerability, Vista is still the most secure platform to date.
The company said it is also looking into the reported flaw in Internet Explorer 7.
These reports and the hesitation on the part of large corporations to directly adopt Vista is proving to be costly for Microsoft, which has spent millions in developing the update and has claimed it to be the most secure of all operating systems.
An officer of security firm Trend Micro said last week he had come across an offer on an internet discussion form that a security flaw in Vista is available for $50,000.
