Security

User Account Control Frustrations

Another aspect of Vista that bothers users is the User Account Control feature, which is meant to enhance PC security. When logged in to a normal (limited) account, users encounter “pop up confirmation dialogues when [Vista] needs to perform admin functions.”¹² Consequently, most users prefer to use an administrator account, which has no pop ups, despite warnings that doing so allows hackers “full access to all your file system and registry”.¹² This method, although convenient, does not provide as much security.¹³

Vulnerabilities

Vista was discovered to have many vulnerabilities following its release. Among them are:

• A Windows Defender flaw which allows an outsider to manipulate a user’s entire computer using Vista’s speech recognition engine to carry out orders on the user’s computer.¹⁴

• Hackers can trick a computer into communicating with an outside computer by sending a HELLO packet with a valid spoofed IP address for the local network.¹⁴

• Attackers can simulate a nonexistent network component by sending fake HELLO packets.¹⁴

• Extensible markup language (XML) errors can be forced by hackers who send faulty emit packets.¹⁴

• Hackers can corrupt address resolution protocol (ARP) tables by sending faulty gratuitous ARP table entries.¹⁴

• Attackers can conduct redirect attacks by responding to network neighbor queries.¹⁴

• Windows Image Color Management system permits hackers to corrupt your PC when you access contaminated emails, documents, or pictures. ¹⁵

• Windows Media Player’s streaming process of audio files allows corrupted music to contaminate [a user's] PC.¹⁶

• “Clicking a malicious link [in Office 2007's OneNote note-taking software] could trigger a digital assault.”¹⁶

page_revision: 23, last_edited: 1238727099|%e %b %Y, %H:%M %Z (%O ago)