Yes, you have read it right. Hacks certified for Windows Vista are on the way. If you have developed a hack exploit platform for Windows Vista, why not certify it for the operating system. The question at this point is: will Windows Vista continue to be touted as the most secure Windows platform if there are hacks certified for it?

Currently, H.D. Moore, founder of the Metasploit Project and a developer of the Metasploit Framework, is laboring to set a precedent in this respect. Well, laboring is not exactly the term that describes the amount of effort he has put into certifying the Metasploit Framework for Windows Vista.

"Not all bugs are being detected by Vista," revealed H.D. Moore to eWeek. "Look at how a hacker gets access to the driver: Right now I'm working on Microsoft's automated process to get Metasploit-certified. It costs $500."

The open source platform designed for developing, testing and using exploit code could end up being certified for Windows Vista if it managed to pass through Microsoft's approval process. Penetration testing, exploit development, and vulnerability research are functionality examples of the Metasploit Framework.

"The "Certified for Windows Vista" logo is a compatibility designation for applications and devices that have passed a rigorous testing program on computers that are running Windows Vista. The technical requirements for this designation target four core areas: reliability, security, compatibility with Windows Vista and future operating systems, and installation and removal," Microsoft informed.

Ironically, Metasploit's exploit platform could end on the list of Windows Vista certified applications. And if Moore manages to set a precedent, what's next? Windows Vista certified malware?