Here's an update on a previous Tech Insider post. This spring, security researcher Joanna Rutkowska said she would show how to break into Microsoft's Vista, a Windows operating system Microsoft claims is its most secure yet.
Rutkowska did just that at the recent Black Hat USA 2007 training conference, showing how it is "possible to bypass security measures in Vista that should prevent unsigned code from running," according to a CNET article. "And in a second part of her talk, Rutkowska explained how it is possible to use virtualization technology to make malicious code undetectable, in the same way a rootkit does."
Vista's security has particular significance for the federal government. In March, the Office of Management and Budget mandated that agencies follow a standard Microsoft Windows operating system configuration (which may eventually include Vista) to improve information security across government. How much safer the mandate makes government systems is up for debate, with some arguing it won't and others that it will.
As a follow-up to her talk at Black Hat, Rutkowska posted an item on her blog at invisiblethings.org discussing the subject further.