The first major Vista vulnerability has been resolved in a patch issued out by Microsoft. The vulnerability was found in Vista’s malware protection engine, which could have been used by hackers and malware alike to compromise the Vista OS. Talk about irony…

“Patch Tuesday,” when Microsoft Corp. releases repairs for problems in its software, came and went this week with six critical fixes — including the first one that touches Vista, the new operating system billed as the most secure Windows version yet.

The hole registers high on the irony scale: The flaw was in a “malware protection engine” that helps several Microsoft security products — including “Windows Defender” for Vista — guard against online threats. The problem could let an outsider “take complete control” of a victim’s computer, according to Microsoft’s security advisory.

This isn’t to say that Vista had previously appeared clean. Already a few vulnerabilities have popped up — including a remarkably low-tech hack.

In that case, security researchers noted a problem with Vista’s improved speech-recognition system, which lets people speak commands to the computer. It turns out that sounds played over the PC’s speakers — on a malicious Web site configured for this very purpose, for example — can trigger Vista’s speech-recognition engine and execute commands on a victim’s computer.[more]

Tags: Hackers, Malware, Computer Protection, Bugs