"Windows Vista includes many new enhancements and features which improve the overall operating system security,” said Thomas Garnier, Senior Research Engineer at SkyRecon Systems Inc. “During our ongoing research in the Windows Vista kernel and the ALPC interface, we found an important vulnerability which could be used to gain privilege and then execute code in the Vista kernel."

Affecting the kernel in both the 32-bit and 64-bit versions of Windows Vista, the identified vulnerability could allow an attacker to take complete control of the affected system. The attacker could use their increased privileges to install programs; view, modify, erase, or remove data; or even create new accounts that possess full administrative rights to the system, applications, and data.

More information regarding the vulnerability and Microsoft Security Bulletin can be found at:
-- Microsoft Security Bulletin MS07-066 – Important Vulnerability

“Vulnerability research is a critical component in designing generic, effective, and efficient layers of protection,” said Yann Torrent, Director of Research and Development at SkyRecon Systems, Inc. “At SkyRecon Systems, our research team aims to understand each Windows component in order to identify possible threats such that comprehensive protections can be built within our unified endpoint protection solution.”

SkyRecon’s StormShield uses multiple protection layers to address every aspect of endpoint and data protection and does so through a single, lightweight agent. As the industry’s first unified endpoint protection solution to integrate behavioral-based host intrusion prevention with device control and content encryption, StormShield provides real-time defenses designed to protect an organization’s endpoints and the critical business data that resides on them – without the need for patches or signatures.