Microsoft has had a huge team of highly-paid techies going over Windows Vista for months and months with a fine tooth comb and no apparent issues, but serious flaws have turned up only days after exposing the new operating system to the general software community. The too-familiar lesson is that corporate management somehow always manages to discourage employees from airing and/or candidly examining in-house problems — issues never seem to surface until outsiders have had a looksee.
A 12.25 N.Y. Times story says that Microsoft is facing an early crisis of confidence in the quality of its Windows Vista operating system as computer security researchers and hackers have begun to find potentially serious flaws in the system that was released to corporate customers late last month.
“On 12.15, a Russian programmer posted a description of a flaw that makes it possible to increase a user√ɬ¢√¢‚Äö¬¨√¢‚Äû¬¢s privileges on all of the company√ɬ¢√¢‚Äö¬¨√¢‚Äû¬¢s recent operating systems, including Vista. And over the weekend a Silicon Valley computer security firm said it had notified Microsoft that it had also found that flaw, as well as five other vulnerabilities, including one serious error in the software code underlying the company√ɬ¢√¢‚Äö¬¨√¢‚Äû¬¢s new Internet Explorer 7 browser.
“The browser flaw is particularly troubling because it potentially means that web users could become infected with malicious software simply by visiting a booby-trapped site. That would make it possible for an attacker to inject rogue software into the Vista-based computer, according to executives at Determina, a company based in Redwood City, Calif., that sells software intended to protect against operating system and other vulnerabilities.
“Determina is part of a small industry of companies that routinely pore over the technical details of software applications and operating systems looking for flaws. When flaws in Microsoft products are found they are reported to the software maker, which then produces fixes called patches. Microsoft has built technology into its recent operating systems that makes it possible for the company to fix its software automatically via the internet.”