Vista receives the first potshot on its supposedly impenetrable armor as Microsoft confirms the existence of a PoC code that targets the Client Server Run-Time Subsystem. This PoC affects Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2, and Windows Vista. It reportedly allows the local elevation of privilege. Initial analysis, however, shows that in order for the attack to be successful, the attacker must already have authenticated access to the target system.

As can be expected, Microsoft still maintains that Vista is their most secure platform to date. Que sera, sera. Happy patching in 2007!