Vista Hacked

Following on from Matt's post about Microsoft's involvement at the Black Hat Security conference, I was interested to read elsewhere that while we were touting the security of Vista, in another room someone else was explaining how they exploited a vulnerability in the operating system and was able to run some malicious code.

My first reaction was to panic because our supposedly secure operating system that I have been talking about so confidently with customers and partners was in fact far from secure.  This was my first reaction.

Then I realised that this vulnerability is a good thing - and highlighting it at a conference is even better.  When Bill Gates setup the Trustworthy Computer Initiative four years ago, his intention was to achieve this kind of result.  By opening up pre-release versions of software to the IT community we have a chance to make the best possible software for our customers.  This includes security - which we are very serious about. 

Let's also remember that Vista is still in beta release and vulnerability was in fact demoed on an early release - not the most recent.  However, rest assured that this vulnerability will be fixed, and any other for that matter before the product is shipped.

Bill Gates has also stated that if Vista isn't ready in time, for whatever reason - including security, he won't let it ship.  Good for him, I wouldn't release something I wasn't 100% happy with - especially when it affects so many people.

Comments

• Anonymous
  August 07, 2006
  The comment has been removed
• Anonymous
  August 08, 2006
  Fair point, n4cer, but I guess that most users are naive - that's the problem :-)
  
  You are right though that my comments about it being a vunerability are probably untrue - especially with the UAC getting in the way of the attack.
  
  The question I guess is how do you wrap users up in cotton wool without them becoming too stuffy?