Microsoft’s Windows Vista vulnerable to malware from 2004

“Microsoft’s Vista may be vulnerable to at least three pieces of widespread malware, two of which date back to 2004, according to security vendor Sophos,” Tom Espiner reports for ZDNet UK. “At least three well-known Internet worms — labelled Stratio-Zip, Netsky-D and MyDoom-O by Sophos — are able to execute on the OS, according to Sophos.”

“These worms comprise 39.7 percent of all malware currently in circulation, according to the security vendor. The MyDoom and Netsky variants were first detected back in 2004,” Espiner reports.

Espiner reports, “These are among the first flaws found in the finalised version of Vista. The Vista kernel was hacked by a Polish security researcher at the Black Hat security conference this year, using virtualisation technologies. Security company Symantec also reported flaws in the Vista kernel in August.”

Full article here.

[Thanks to MacDailyNews Reader “dogfriend” for the heads up.]

MacDailyNews Take: On. The. First. Day. Of. Release.

Related articles:
Microsoft’s Allchin: Vista won’t need antivirus software – November 10, 2006
Microsoft’s oft-delayed, much-pared-down Windows Vista hacked at Black Hat – August 07, 2006
Symantec details more security holes in Microsoft’s Windows Vista – July 26, 2006
New invisible rootkit hits Windows including Vista – July 17, 2006
Sophos: Apple Mac OS X’s security record unscathed; Windows Vista malware just a matter of time – July 07, 2006
Windows chief Allchin: Buy Windows Vista for the security – January 30, 2006

81 Comments

  1. What is the least secure area of your home? The doors & windows — that is where someone breaks in. Vista is single pane glass that can be shattered by nearly any small stone on the sidewalk, OSX is a thick brick wall — you might get through but it will take you a long time. During tornados, hurricanes or earthquakes you don’t hang out near the windows. Windows…. just not safe & secure.

  2. Zune Tang,

    We know you’re trying to be funny, but you sound like a parody of an indoctrinated Nazi parroting his Fuhrer. Does your MDN persona believe Vista and Zune are the start of MS’s Thousand Year Reich?

    As for Vista, it’s VERY BAD NEWS that MS’s shiny, “all-new”, Holy Grail OS is vulnerable to old hacks right out of the box. In short, OMFG. It’s pretty solid proof of what little has changed under the hood.

    Did the Vista team really accomplish anything besides resource-hogging UI effects for XP?

  3. Yeah, at first I found Zune Tang refreshingly funny and clever, … but the whole show is starting to wear a little thin now. So, Zune Tang – whoever you are – it’s getting old. There IS such a thing as sticking with a joke too long. Not funny now, not clever now, boring.

    I just skip over his posts.

  4. Just behind the Zune, Vista goes plop, into the porcelain bowl and will follow the former as it swirls its way towards another Microsoft disaster.

    If Vista is seen by corporations as a security risk, Mac OS X and Linux will squeeze Windows to death over the next few years.

    Die Microsoft, die!

    MW: blood, as in: Microsoft’s blood on Apple’s mouse.

  5. Of course, all the little MacDaily trolls ignore the real facts:
    (1) this collection of malware requires user execution (i.e., no auto-execution), as far as I can see.
    (2) The Windows Mail client successfully blocks the files, whereas the third party softwares are not set up to block them. That is, if there are any “vulnerabilities,” they’re in the third-party software.

    Further, this ignores the larger issue, conveniently unmentioned by Sophos:
    (3) Does Vista’s UAC (User Account Control) feature come into play during execution of these programs? I.e., do they need ‘Admin’ permissions to run successfully?

    The fact that programs written for pre-Vista versions of Windows run on Vista is rather obvious. I’d mark this as hype created by a very scared anti-malware software provider.

    Y’all need to learn to think for yourselves.

    Good luck!

  6. 1) Yes, but we’re just getting started.

    2) The Windows Mail Client blocks the files because of the multiple extensions, but it is a flaw in the Windows OS that allows the files to be disguised in the first place.

    3) UAC doesn’t enter into it, based on your first statement (user will execute the file).

    I think the software vendor is doing a service, because of Jim Allchin’s earlier statements, some users might think they don’t need AV software with Vista. They would be wrong. Even Allchin went back and clarified this later, but some people may think Vista is ok without AV software (e.g. Allchin’s 7 year old son).

  7. Please draw your own conclusions on the ramifications of this:

    The annual report by the U.S.-China Economic and Security Review Commission, released Nov. 16, stated that there are “clear examples of computer network penetrations coming from China,” including those linked to Titan Rain.
    The report said the Chinese military has “information warfare units [that] are developing viruses to harm the computer systems of its enemies.”

    http://www.washtimes.com/national/20061130-103049-5042r_page2.htm

  8. Even “satire” has word “tire” in it. And I think some are beginning to “tire” of Zune Tang’s musings.

    Then again, the reactions to Tang’s inanities with regard to our favorite Redmond target has clearly been the next turn of the screw – some of the knee-jerk outrage has been pretty funny, too. Just because it’s so blatantly vitriolic without context.

    MDN’s pet troll is still going strong!

    (Those of you who remember can be glad Sputnik has finally burned out in the atmosphere.)

  9. Zune Tang, it’s refreshing to hear your Voice of Reason™.
    I always get a good laugh, a chill down my spine or the combo effect.

    So folks, I believe that the clueless ones are those who take Zune Tang seriously. ZT uses irony and sarcasm brilliantly. He’s the Stephen Colbert of MDN!

    Check out this site for similar chuckles:
    http://demotivators.com/

    MDN Magic Word: i have a FEELING that some folks are levity challenged around here.

  10. @Mr. Reese
    “So folks, I believe that the clueless ones are those who take Zune Tang seriously. ZT uses irony and sarcasm brilliantly. He’s the Stephen Colbert of MDN!”

    Yeah, well, I’m sick of Colbert’s schtick too.

  11. Hey Ferf Muckmeyer, F*CK YOU! ZT is f-ing hilarious and his wit can’t be matched so take the huge stick out of your ass and chew on it, then sit back and enjoy the humour in ZT’s posts. Eat sh*t you douchebag.

    MDN: quality, as in zune tang’s comments are of the highest quality

  12. Mm, I see my points were largely dismissed out-of-hand. I’ll address some of the responses below.

    Keep in mind, security is a function of the user AND the OS. An OS can only prevent so much before the user must accept responsibility for his own actions.

    1.) “UAC is not a factor”
    If you dismiss UAC, you also dismiss OS X’s Admin prompts (and similar Linux features [read: sudo]) as a form of ‘security’ and/or protection. UAC and OS X’s security prompts add more hoops for the user to jump through before the security of the system is compromised entirely.

    2.) Multiple file extensions:
    Yes, this is a weakness. However, I believe Microsoft introduced APIs in XP SP2 to allow third party software to detect and block it as well. This issue addressed by Sophos is, from what I can tell, almost exclusive to online email such as Gmail. This means the following, assuming Vista’s UAC is activated by the malware:
    a. The user must download the file
    b. The user must attempt to execute the file
    c. The user must choose to allow the program to elevate to the admin-level when UAC comes up.

    What more can Windows, OS X or Linux do to protect user data (i.e., the only thing of value)?

    3.) ” OSX allows third-party software to be vulnerable? “
    What does this even mean? Yes, it does. There is no mechanism in OS X that prevents malicious software from being executed by the user or written by a developer with malicious intent.

    For people interested in a somewhat lower-level analysis of Vista versus XP, I suggest you read up on Microsoft’s Secure Development Lifecycle and watch the most recent videos at http://channel9.msdn.com/ and blogs such as http://blogs.msdn.com/michael_howard/ . There are also some decent whitepapers around.

    Only time will tell if the work done in Vista will decrease malware prevalence, but it’s fairly obvious that Sophos is creating something from nothing in this instance. The worst thing to happen to malware companies is Microsoft’s newfound commitment to security. If you believe them incapable, look at the results obtained in SQL Server 2005 and IIS6. Perfect? Of course not. Vastly superior security compared to previous versions? Decide for yourself.

    Here’s F-Secure’s opinion on the Sophos article:
    http://www.pcworld.com/article/id,128050-c,vistalonghorn/article.html

    Quote:
    “New Security Measures Work, Says F-Secure
    Additional Vista security mechanisms should protect users, said Mikko Hypponen, chief research officer at F-Secure. If a customer opens an infected malware file, Vista would warn and question the user before allowing the malware to wreak havoc. “These particular examples of malware probably wouldn’t still be able to successfully infect the machine unless the user specifically allows it,” he wrote in an e-mail exchange.”

    Good luck!
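The "multiple extensions" point argued back and forth above (a worm attachment named like a picture but ending in an executable suffix, which Explorer's hidden-extension setting makes look harmless) is easy to check for on the mail-gateway side. The following is an added example written for this page, not code from Sophos, Microsoft or any commenter; the extension lists are assumptions, and the sample attachment names are constructed.

```python
from pathlib import PureWindowsPath

# Suffixes Windows will run directly when double-clicked (assumed subset).
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}
# Suffixes commonly used as a decoy in front of the real one (assumed list).
DECOY_EXTS = {".jpg", ".gif", ".png", ".txt", ".doc", ".pdf", ".zip", ".mp3"}


def analyse_attachment(name: str) -> dict:
    """Classify one attachment filename the way a multi-extension filter would.

    Windows ignores trailing dots and spaces when resolving a name, so they are
    stripped first; otherwise "photo.jpg.exe ." would slip past a naive check.
    """
    cleaned = name.rstrip(". ")
    path = PureWindowsPath(cleaned)
    suffixes = [s.lower() for s in path.suffixes]
    final = suffixes[-1] if suffixes else ""
    decoy_present = any(s in DECOY_EXTS for s in suffixes[:-1])
    return {
        "name": name,
        "executable": final in EXECUTABLE_EXTS,
        "multi_extension": len(suffixes) > 1,
        # Executable suffix hidden behind a document/image-looking suffix.
        "disguised": final in EXECUTABLE_EXTS and decoy_present,
        # What Explorer shows with "Hide extensions for known file types" on:
        # the last suffix is dropped, so "holiday.jpg.exe" reads "holiday.jpg".
        "displayed_name": path.stem,
    }


def flag_attachments(names: list[str]) -> list[str]:
    """Return the names a gateway should quarantine: disguised executables."""
    return [n for n in names if analyse_attachment(n)["disguised"]]


if __name__ == "__main__":
    # Constructed sample attachment names, not real worm samples.
    SAMPLE = ["holiday.jpg.exe", "notes.txt", "invoice.pdf.scr .",
              "report.v1.2.exe", "song.mp3.pif"]
    for n in SAMPLE:
        print(analyse_attachment(n))
    print("quarantine:", flag_attachments(SAMPLE))
```

`report.v1.2.exe` is reported as multi-extension but not disguised, which is the distinction a filter needs to avoid blocking every versioned filename.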

  13. RE: dogfriend & Malware numbers.

    Is that really the best argument you have?

    Vista’s higher-profile security additions include:
    1.) Protected Mode IE
    2.) UAC
    3.) Service hardening
    4.) ASLR

    If you’re unfamiliar with any of these, I suggest, again, that you do some research. Vista has the potential to be quite secure. Time will tell.

    The important debate issues relative to the malware amount would be:
    1.) How many of these require user execution? (Read: social engineering)
    2.) How many exploit vulnerabilities in Windows (e.g. WMF exploits, Blaster)
    2a.) How many were zero-day vulnerabilities? (Patch not available prior to exploit)
    And so forth.
    3.) How many hoops must pre-existing malware jump through to execute successfully on Vista?
    4.) What role does security-through-obscurity play for OS X and for Vista (during the initial years)?

    It’s clear this is not an appropriate venue for such a discussion. I’ll leave you to consider the importance of such questions.

  14. RE: The Truth

    I don’t know the technical aspects of software security to either refute or support what you say. However, I do know a little about decision making. If I were making a choice between the 2 systems using history and trend as the criteria I’d choose Mac. Perhaps the trend for MS’s security measures for Windows is getting better, but as you said only time will tell. I also do believe the Mac obscurity theory is false. Any hacker worth his salt knows the assertions of Mac fans and the security record of Macs. That would make Macs a challenge in itself; it would be worth it for a competent hacker/virus writer to take on OSX just to monkey stomp on a shit ton of Mac fans.

    I think you’d have to agree.
