Symantec clears Vista on malware

  • Article

There is a nice article, where Symantec talks about Windows Vista: https://www.vnunet.com/vnunet/news/2184521/symantec-clears-vista-malware

They quote the Symantec report and then talk to a person from Sophos. 

Let's look at a few quotes:

Graham Cluley, senior technology consultant at Sophos , said that the User Account Control in Vista is an important enhancement designed to prevent the installation of malware.

I like that statement (obviously).

"However, it is also very intrusive with a high number of alerts that end users need to respond to, so there is a strong likelihood of it being disabled unless they are trained in how to use it," he added.

This is somethign I simply do not get. I am running Vista at home on all the PCs. Everyone is User and - obviously - on every machine UAC is enabled. When you install applications or initially set the machine up, I agree, there are prompts. Well, I want there to be prompts as an installation task needs elevation! Looking at my wife and my kids - they never get any prompts anymore. I am sometimes wondering what people do wiht their machines when they complain about UAC. OK, if you are a geek, installing and uninstalling software, you get a prompt for each of these tasks but think about it - does it not make sense to get these prompts?

Symantec's study found that between 96 and 98 per cent of malware such as spyware and Trojans is also blocked.

I start to like the report even more :-) - and this is without AV.

However, the firm warned that malware writers could decrease those percentages by making only minor changes to their code.

Cluley agreed that Vista is the most secure operating system yet from Microsoft, but pointed out that it will still be targeted.

"Better security does not mean perfect security. The only 100 per cent secure computer is probably one without an internet connection, and with the keyboard and all disk drives disconnected," he said.

Well, we never said that it is a "secure" OS, we said that it is the most secure OS ever. There will be malware, there will be vulnerabilities and there will be Security Updates, no doubt. But we expect it to be much, much less. And this is a trend we already see: The attacks are moving up the stack into the applications and to target the end-user. Not that this is a very good thing as it moves the problem to a new level but it shows that the measures taken in XP SP2 and Vista start to pay off.

Symantec originally mauled Vista back in August 2006, pointing to security flaws that would allow computers to be easily overtaken by malicious parties.

"During this research we discovered a number of implementation flaws that continued to allow a full machine compromise to occur," the 2006 report said.

"By exploiting these flaws, a low-privilege, low-integrity level process can bypass User Account Protection, and ultimately execute code at a high-privilege, high-integrity level."

However, those tests were carried out on early release code and Symantec said that security would continue to be addressed until the final release, with some of the holes already plugged by Vista Beta 2.

Let's just leave that as it is. We see this happen often in other products as well: People compare a Beta with other (final) products and complain....

 Cheers from the Helsinki airport (BTW: They have snow compared to us in Switzerland)

Roger