Vista's Growing Popularity Draws Hackers' Malice
Posted On Thursday, January 31, 2008 at at 1/31/2008 12:27:00 AM by nullDecember's Patch Tuesday finds Vista in bad guys' sights. Plus: Get Office 2007 SP1, get your fix for Flash, and avoid an HP laptop disaster.
With more people finally switching to Windows Vista, the operating system is fast becoming a target for security researchers and--surprise!--hackers.
Though Vista is generally more secure than earlier versions of Windows, hackers are increasingly finding ways through, or around, its defenses. Indeed, this is the first time since the operating system debuted last year that virtually every hole discussed in this column affects Vista in one way or another.
Exhibit A: Microsoft released three "critical" patches in December to fix security holes that affect earlier versions of Windows, including XP Service Pack 2, but they can also bite if you're running Vista.
One patch addresses four holes in Internet Explorer 6 and 7. (This "cumulative update" incorporates all previous patches, just in case you've slipped behind in your patching duties.) One of the flaws, in the way IE handles Dynamic HTML, was under attack when Microsoft shipped the patch.
The other two patches correct problems in Windows' processing of certain multimedia files. One fixes a vulnerability in DirectX, while the other closes a hole that the operating system has in its treatment of some audio and video files.
Whenever Microsoft labels a bug "critical," the vulnerability has the potential to leave you at criminals' mercy.