Microsoft Windows Vista And Vulnerabilities

3002 Words13 Pages
Table of Contents
History of Microsoft Windows Vista and vulnerabilities 2
Discussion about vulnerability 6
How Buffer overflow works: 6
Prevent against Buffer overflow: 6
General security approaches which can be applied to the system 7
Evaluation of a third party protection mechanism 8
References 9

This report is containing four tasks and the aim of this report is to discuss vulnerabilities which are existed in Microsoft Windows Vista over the whole year 2008. In this report I will provide a reasonable level discussion of the history and vulnerabilities of Microsoft Windows Vista. The main sections are:
 History of Microsoft Windows Vista and vulnerabilities
 Discussion about vulnerability
 General security
…show more content…
In Windows Vista, BitLocker Drive Encryption provides better data protection for computers. Microsoft has also indicated that there was a significant improvement has made on the Windows Firewall and Windows Defender. However, Windows vista builds and released to public users with many vulnerabilities like most other previous versions of Microsoft operating system. (Windows 2013)

Below is a summary list of Microsoft windows vista vulnerabilities over one year:

Date
CVE ID
(Vulnerability)
Vulnerability types Score out of 10
Complexity
25/11/2008 CVE-2008-5229 DoS Overflow +Priv 6.9 Medium
12/11/2008 CVE-2008-5044 DoS 4.0 High
20/10/2008 CVE-2008-4609 DoS 7.1 Medium
10/12/2008 CVE-2008-4269 Exec Code 8.5 Medium
10/12/2008 CVE-2008-4268 Exec Code 8.5 Medium
23/10/2008 CVE-2008-4250 4 Exec Code Overflow 10.0 Low
16/09/2008 CVE-2008-4114 1 DoS 7.1 Medium
14/10/2008 CVE-2008-4038 Exec Code Overflow 10.0 Low
14/10/2008 CVE-2008-4036 Overflow +Priv 7.2 Low
03/09/2008 CVE-2008-3893 +Info 1.9 Medium
10/12/2008 CVE-2008-3465 DoSExecCodeOverflow 9.3 Medium
10/09/2008 CVE-2008-3013 Exec Code 9.3 Medium
14/10/2008 CVE-2008-2252 +Priv Mem. Corr. 7.2 Low
14/10/2008 CVE-2008-2251 +Priv 7.2 Low
14/10/2008 CVE-2008-2250 +Priv 7.2 Low
10/12/2008 CVE-2008-2249 Exec Code Overflow 9.3 Medium
12/08/2008 CVE-2008-2246 Bypass +Info 7.8 Low
11/06/2008
Get Access