Infoworld reports that an Austrian security vendor has found a vulnerability in Windows Vista that it says could possibly allow an attacker to run unauthorized code on a PC.
>> Researchers find vulnerability in Windows Vista
The problem is rooted in the Device IO Control, which handles internal device communication. Researchers at Phion have found two different ways to cause a buffer overflow that could corrupt the memory of the operating system's kernel.
>> Researchers find vulnerability in Windows Vista