A potentially serious flaw has been discovered in the Windows Vista networking subsystem, but a patch isn't likely until the next service pack.
According to CNet, the vulnerability – discovered by Thomas Unterleitner of security firm Phion last Friday – can cause a buffer overflow condition in the iphlpapi.dll API for the network I/O subsystem of Vista. While the issue has only been proven to corrupt kernel memory and cause a system crash, the possibility exists that a specially crafted exploit could run code provided by an attacker.
November 24th 2008
