NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0017 VISTA Advisory:
Thinking about VISTA? You might want to think again.
- Microsoft officials say that the Windows operating system is not the weakest link in desktop security, and that Windows VISTA will help limit the greatest vulnerability of all -- users' bad decision making. While previous iterations of Microsoft's dominant operating system hit the market with an abundance of security loopholes that left users open to myriad forms of attack, company officials said new features in VISTA will not only make it harder for malware writers to attack it but also make it more difficult for users to hurt themselves. Executives point to Microsoft's SDL (Security Development Lifecycle) program as an attempt to root out, during development, many of the coding flaws that left gaping security holes in previous versions of Windows, and said the primary thrust of the security tools added in VISTA has been to help customers help themselves. Microsoft's User Account Control (UAC) feature promises to help prevent viruses from spreading within a machine by prompting the user to approve nearly every change to the system that such a program might try to make. Whereas programs that tap into a machine's administrative controls to advance their reach largely operated in secret before VISTA, users will now be able to shut down the attacks as they try to proliferate. Another Microsoft approach is the anti-phishing technologies in IE-7, which use on-board heuristics, as well as site-blocking capabilities based on traditional blacklists and whitelists, to give users an idea of the security status of every site they try to access. By arming users with a browser that flashes red around the edges when they try to access a suspected phishing site, Microsoft can help customers make wiser security decisions on their own. But some security vendors are already criticizing VISTA's on-board security components, with anti-virus market leader Symantec calling UAC too "chatty" to have a significant impact on safety. They predict users will come to ignore the many warnings the system produces. So Symantec is developing products that will manage UAC and the other VISTA security tools. (eWeek 25JAN07)
- Microsoft security rival Webroot Software Inc., maker of "Spy Sweeper", blasted the Microsoft anti-spyware technology that is included in Windows VISTA as "ineffective," "slow," and "weak." The chief technology officer of Webroot Software said "we want to make sure that users understand the VISTA operating system's limitations, and caution them that Microsoft's default malware blocking application and anti-virus programs may not fully protect them." His firm's research team tested Defender against a suite of Trojan horses, adware, keyloggers, system monitors, and other unwanted programs, all of which were gathered from in-the-wild threats. They found Defender passed 84% of the tested malware, while Webroot's own Spy Sweeper blocked 100% of the threats. Webroot was also critical of Windows Defender's infrequent updates. Microsoft currently issues spyware definition updates every 7-10 days. Webroot says it identifies approximately 3,000 new traces of spyware every month. (InformationWeek 25JAN07)
- Pirated VISTA is likely malware. Security vendor DriveSentry warned that about half of the downloads claiming to be free versions of Microsoft's VISTA operating system are actually malicious Trojan horse software. With VISTA's consumer launch just days away (released today, 29JAN), hackers have been bombarding discussion boards with offers of "cracked" versions of Windows VISTA, which are typically being distributed on peer-to-peer networks. These posts offer downloads of the operating system that skip VISTA's activation process, which Microsoft created to prevent users from running illegal copies. The firm said users who fall for the scam can end up with some pretty nasty problems. DriveSentry researchers have found malicious key-logging software and spyware on about half of the downloads they have examined to date. (InfoWorld 25JAN07)
Last Modified: Tuesday, 30-Jan-2007 00:24:55 EST