Symantec reports on Vista account control flaws

Symantec is still spending some time looking at the upcoming Vista system, identifying some bugs and security issues. This week it's focused on relating how the Microsoft OS has some security flaws within the User Account Control (UAC) feature. According to Symantec, an attacker could commandeer a Vista PC using IE 7 by burying a nasty file on a Vista UAC when a malicious Web site is visited.  According to the security vendor's report, the malware could provide unauthorized access to the PC for malicious intentions. Microsoft, for its part, says the vulnerability is tied to a user logging in with an administrator account, a practice it doesn't recommend. The Symantec report is the second of three the vendor will be releasing on Vista, due out in January. The third report, supposedly coming this week as well, will highlight security issues with the Vista core.

For more on Vista vulnerability issues:
- check out this article at CNet News.com