Last week the CVE project issued nine newCVEs for Vista, numbered CVE-2007-1527 through CVE-2007-1535. Whilethese CVEs were directly based on our findings in Windows Vista Network Attack Surface Analysis[1] report (released as a Symantec Security Response whitepaper on March 7th), they had been requested by a third party. I'll describe each of these in this post.
We don't feel that most of the issues are especially significant.Microsoft reviewed the paper prior to its public release and Symantecwould participate in any warranted responsible disclosure forvulnerabilities.
We regard CVE-2007-1535 asimportant, and...
