Posted by Virus Bulletin on Apr 24, 2007
Kaspersky and Russinovich warn of growth in Vista, non-Windows malware.
Security experts have been making predictions for the future of malware and anti-malware developments, with some strongly worded warnings about the vulnerability of Windows Vista, as well as other platforms yet to be greatly affected by such threats.
Windows internals expert Mark Russinovich, speaking at the CanSecWest conference in Vancouver, discussed in detail the benefits of UAC and other security controls included with Microsoft's latest operating system version, but concluded that such measures will prove little barrier to the development of malware for the platform. He predicted a movement towards social-engineering based attacks, taking advantage of the role user interaction plays in bypassing the UAC controls. Some analysis of his ideas can be found here.
In London for the InfoSec conference this week, Eugene Kaspersky has been making similarly gloomy comments on Vista security, which is generally held to be a considerable improvement over previous Windows versions but remains an open target for attack. Kaspersky speculated that bad publicity about Vista security issues could drive more users to non-Windows platforms such as Apple's Mac OS X or Linux, and that as financial rewards for targeting such platforms grow, malware creators will devote more time to developing attacks to exploit weaknesses that are sure to be discovered.
He also discussed the possibility of malware for new hardware devices including mobile phones and popular home games consoles - see here for a McAfee blog posting on a possible Nintendo Wii threat, thanks to a flaw in Opera. A PC Pro interview with the head of Kaspersky Labs is here, and details of a cybercrime forum, to be held at InfoSec tomorrow with Kaspersky and other experts discussing the future of security, are here.
Posted on 24 April 2007 by Virus Bulletin
