The Register® — Biting the hand that feeds IT

Comments on: Unofficial fix issued for Vista networking flaw

How about a fix for Vista's random wireless network disconnects? 

Posted Tuesday 25th November 2008 17:05 GMT

I'd be more interested in a fix for Vista's random wireless network disconnects that seemingly can only be cured by a reboot.

The Official Fix 

Posted Tuesday 25th November 2008 17:24 GMT

The official Vista fix can be found in the form of an XP Pro install CD.

How about a fix for.. 

Posted Tuesday 25th November 2008 17:30 GMT

..Vista?...something that functions effectively would be a start...

Vista UAC 

Posted Tuesday 25th November 2008 17:33 GMT

Vista UAC will protect against this. Unless someone is foolish enough to turn it off.

XP is immune 

Posted Tuesday 25th November 2008 17:41 GMT

FTA: XP is immune.

It's a shame Microsoft is too blind to realize what assets they have, before, ya know, they destroy them.

Let's hope Microsoft gets off its high horse and supports XP until the users don't want to use it anymore... and not the other way around.

I still can't believe that MS is dictating that I should use an insecure OS... honestly.

Hmmm 

Posted Tuesday 25th November 2008 18:02 GMT

"The vulnerability affects Enterprise and Ultimate versions of Vista in both 32 and 64 bit flavours of the operating system"

Possibly a daft question but does this mean that it hasn't been tested on the other editions or does it mean that the other editions don't have this flaw?

Re: AC 

Posted Tuesday 25th November 2008 18:43 GMT

It's called upgrade. Your choice if you prefer XP or Linux.

@AC: It's cliché... 

Posted Tuesday 25th November 2008 18:52 GMT

...install XP.

=P

Absurd 

Posted Tuesday 25th November 2008 19:43 GMT

"A fix for the flaw from Microsoft is unlikely until the next service pack for Vista, according to Thomas Uterleitner of Phion."

That's a stunning suggestion. The BugTraq post makes it quite clear that the cause is simply trusting a "number of bytes to copy" parameter, rather than validating it. That would be a two-line fix then, with NO change in the intended behaviour, for something that allows privilege escalation. It was reported on 22nd October, so it probably missed the deadline for November's patches (these things have to be regression tested), but I'd expect to see it next month. If you can't regression test a "no-op" in less than a month, there's something wrong with your process.

At least.. 

Posted Tuesday 25th November 2008 19:43 GMT

At least there aren't that many people using Vista...

I hear that 

Posted Tuesday 25th November 2008 19:51 GMT

Random wireless network disconnections that require a reboot make me a saaaaaaaaaaaaaad panda.

"The potential damage to the smooth operation of applications [...]" 

Posted Tuesday 25th November 2008 22:13 GMT

C'mon, you're talking about Vista here. Potential damage to the what what of what?

Hold on there 

Posted Wednesday 26th November 2008 02:13 GMT

Here's a flaw that allows injection of hostile code, with no estimate on when it will be patched. Yet we're told that it's not worth defending against. If I were a malware author, I'd love to have a vulnerability that I know won't be fixed for several months. So what if it's a bit tricky – there's plenty of time to work on it.

Interesting to note it doesn't affect XP, which means it's something new they introduced in Vista.

@At least..(Mark Legosz) 

Posted Wednesday 26th November 2008 02:17 GMT

"At least there aren't that many people using Vista.."

But lots and lots and lots more than use Linux.

Next service pack 

Posted Wednesday 26th November 2008 03:19 GMT

"A fix for the flaw from Microsoft is unlikely until the next service pack for Vista, according to Thomas Uterleitner of Phion."

So that's Windows Seven isn't it?

Re: "random wireless network disconnects" 

Posted Wednesday 26th November 2008 03:57 GMT

Uh-huh. That would be my #1 fix request.

Followed by the removal of whatever instigates that green address bar thingy in Windows Explorer, and the associated wait that comes with it.

Followed by the reinstatement of the slideshow view of photos in Windows Explorer.

Followed by the option of an "Up one level" icon.

Other than that, things are decent enough - insofar as I don't actually recall Vista ever crashing on me. Although the same could be said for XP since SP2.

But that's just me.

Vista's random wireless network disconnects 

Posted Wednesday 26th November 2008 04:16 GMT

Try skulking about in a more upscale neighbourhood. Shutting off the car engine helps to keep the connection alive.

Lol 

Posted Wednesday 26th November 2008 08:42 GMT

I just knew when I clicked on the comments that there would be plenty of posts saying things along the lines of "The unofficial fix is to install XP".

The sad thing is that it is actually true.

I must have Vista 

Posted Wednesday 26th November 2008 09:21 GMT

I am forced to use Vista as all my important applications won't run on XP.

No hang on, I mean I chose to use XP since some things I do are still a bit tricky on Linux and Vista.

Unless Microsoft can break XP then people will still keep using it.

How about they change the look of XP and call it Vista XP. You can re-skin your website using CSS so why not reskin XP?

@Ian North 

Posted Wednesday 26th November 2008 09:40 GMT

"Possibly a daft question but does this mean that it hasn't been tested on the other editions or does it mean that the other editions don't have this flaw?"

It's all in the BugTraq posting. They've only tested those two editions. Given the nature of the flaw, they presume that other editions are affected.

Also, note that you have to run the malware as an Administrator or a Network Configuration Operator to be at risk. In the first case, you've already lost, so unless you have some of your users in the second group, it isn't strictly a vulnerability. (That's probably why they haven't bothered to check the more domesticated editions.)

RTFB 

Posted Wednesday 26th November 2008 09:49 GMT

The only people who can exploit the bug are members of the Network Configuration Operators group. (Administrators already have full access to the machine so there's nothing for them to exploit.)

Number of users in that group by default: Zero.

I'm sure there are a few cases where people are using that group, and Microsoft's slow response at issuing what should be a trivial fix -- just bounds-check the input -- for a bug that will be serious to some is a disgrace, but let's keep things in perspective. This won't affect many people and blanket "lol, you should go back to XP" statements are ignorant & stupid.

Re: Absurd 

Posted Wednesday 26th November 2008 10:40 GMT

You're forgetting about all the legitimate Microsoft services running in the background that are explicitly using this 'feature'.

Random disconnects 

Posted Wednesday 26th November 2008 11:09 GMT

I find switching off my wireless card then back on again results in a reconnect 99% of the time on my Toshiba.

Still a massive pain in the backside though, and why I mostly use XP still (and I'd have to admit that I like Vista, I don't have any other problems when using it)

@Leo Davidson 

Posted Wednesday 26th November 2008 11:55 GMT

"Administrators already have full access to the machine so there's nothing for them to exploit."

Uh, sorry, but I think that since they are Admins of the machine, any exploit they attempt to use will obviously succeed.

So it's not "there's nothing for them to exploit", but more like "there's nothing to protect them from an exploit".

Other vulnerable systems

Posted Wednesday 26th November 2008 11:58 GMT

Also affects Windows Server 2008, as shown by a quick test.

I'm not so concerned about malware as I am for the potential to crash a system because of a failure to validate an input parameter!

Re: How about a fix for Vista's random wireless network disconnects? 

Posted Wednesday 26th November 2008 12:15 GMT

HEAR HEAR!!!

Unofficial Fix 

Posted Thursday 27th November 2008 13:11 GMT

All,

Please note that phion HAS NOT published an unofficial fix for the Vista vulnerability but a remedy for its netfence entegra product.

Thanks,

Constanze
