Vista launched, malware still a danger

Posted by   Virus Bulletin on   Dec 4, 2006

New Windows version on sale, but viruses remain a threat, says Sophos

The corporate version Microsoft's long-awaited update to its Windows operating system was finally released last week, with home-user editions expected in January. The launch party fireworks were damped somewhat by an announcement from Sophos, revealing that in tests 3 out of the top ten malware were still viable on the new systems.

With many anti-virus and other security vendors pushing out Vista-compatible software last week and this, and others announcing release dates for updated consumer products to coincide with the home-user launch, the new platform has received plaudits for its tighter security design and safety features. In a controversial and soon-withdrawn statement, one Microsoft spokesman went as far as to say the new OS was safe without any anti-virus running. Debate still rumbles over how much access security firms will be given to core parts of the OS, required by many to integrate their products.

On the day of the launch, Sophos released its statement, listing variants of W32/Stration, W32/Mydoom and W32/Netsky as among those capable of running under Vista. While noting that some of the security measures, including the new email client, successfully protected Vista, the release points out that vectors such as webmail may still pose a danger.

In response, Microsoft has claimed that rather than exploiting the operating system, the threats use social engineering to trick users into letting them run.

'These test results will hardly come as much of a surprise either to Microsoft or to security admins,' said John Hawes, Technical Consultant at virus Bulletin. 'With beta versions of Vista around for some time, malware creators have had plenty of time to check out the new safety features and spot which old techniques are still available to them, and it's pretty likely that new holes will emerge over time. It's good to see the addition of tighter controls on installing software and changing parts of the system are effective in blocking at least some of the threats currently out there, and in giving users more warning about what they're doing.'

Virus Bulletin will be running a comparative review of products for the Vista platform, due to appear in the February issue of VB. See here for more details of VB100% certification.

Posted on 04 December 2006 by Virus Bulletin

 Tags

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VBSpam tests to be executed under the AMTSO framework

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.