Vista vulnerable to malware from 2004
Published: 30 Nov 2006 13:44 GMT
Microsoft's Vista may be vulnerable to at least three pieces of widespread malware, two of which date back to 2004, according to security vendor Sophos.
At least three well-known internet worms, labelled Stratio-Zip, Netsky-D and MyDoom-O by Sophos, are able to execute on the OS, according to Sophos.
These worms comprise 39.7 percent of all malware currently in circulation, according to the security vendor. The MyDoom and Netsky variants were first detected back in 2004.
Systems running Vista are vulnerable to the malware when running third-party email clients, according to Sophos. Windows Mail Client, the Vista replacement to Outlook, will block the worms, but businesses running third-party email clients such as Lotus Notes, or that permit web-based mail such as Yahoo or Gmail, could be vulnerable.
Sophos decided to test Vista for resistance to common strains of malware after Microsoft co-president Jim Allchin made a comment that he would be happy for his seven-year-old son to use a locked-down version without antivirus.
"The comment about his seven-year-old spurred our idea: let's see if malware runs on Vista," said Carole Theriault, senior security consultant at Sophos. "It does."
"I'm certainly not going to run Vista without antivirus," Theriault added. "And I wouldn't take the risk with my business. Who knows how many more pieces of malware run on it?"
Windows Mail Client will block these mass-mailers, as it detects double extensions. Some mass mailers try to hide their executable payloads behind another extension, for example a text file. Mail Client will notice both the executable and the text file, and prevent the executable from running, in its default setting. However, Mail Client security features do not apply to third-party email clients, which may not block malware adequately.
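A double-extension check of the kind described above can also be applied at a mail gateway that sits in front of third-party clients. The following is an added example, not code from Sophos or Microsoft; the extension lists, function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed extension lists for illustration; a real deployment would tune them.
EXECUTABLE = {"exe", "scr", "pif", "com", "bat", "cmd", "vbs", "js"}
DECOY = {"txt", "doc", "pdf", "jpg", "gif", "htm", "html", "zip"}

def extensions(filename):
    """Lower-cased extensions in order: 'Readme.TXT.scr' -> ['txt', 'scr']."""
    # Win32 path handling strips trailing dots and spaces, so drop them first.
    name = filename.strip().rstrip(". ")
    return [p.strip().lower() for p in name.split(".")[1:] if p.strip()]

def is_double_extension(filename):
    """True when a harmless-looking extension precedes an executable one."""
    exts = extensions(filename)
    return (len(exts) >= 2 and exts[-1] in EXECUTABLE
            and any(e in DECOY for e in exts[:-1]))

def flag_attachments(raw_bytes):
    """Return the attachment names in a MIME message that trip the check."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    flagged = []
    for part in msg.walk():  # walk() also covers nested multiparts
        name = part.get_filename()  # decodes RFC 2231 encoded names
        if name and is_double_extension(name):
            flagged.append(name)
    return flagged

def build_sample():
    """Constructed test message; addresses, names and contents are made up."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    for name in ("minutes.txt", "readme.txt.scr", "archive.tar.gz", "setup.exe"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    print(flag_attachments(build_sample()))
```

The check deliberately leaves `setup.exe` and `archive.tar.gz` alone: a plainly named executable is a matter for a separate attachment policy, and a double extension that does not end in an executable type is not disguising anything.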
Although Sophos is recommending that businesses running XP eventually shift to Vista, as XP is less secure, Theriault said that for the time being businesses considering running Vista will still need to take security precautions.
"Vista is excellent, but it hasn't really changed the security landscape," said Theriault. "You still need antivirus, firewalls and patches at least."
Theriault said it was too early to predict the speed and scale of Vista uptake.
"People will listen to what's going on, and make a decision depending on what suits their environment best. It's too early to say," said Theriault.
These are among the first flaws found in the finalised version of Vista. The Vista kernel was hacked by a Polish security researcher at the Black Hat security conference this year, using virtualisation technologies. Security company Symantec also reported flaws in the Vista kernel in August.
Microsoft was approached for comment on this story but no spokesperson was available.