The Microsoft Tax: New attack bypasses every Windows XP security product tested; Mac unaffected

“Security researchers at Matousec.com have come up with an ingenious attack that can bypass every Windows security product tested and allow malicious code to make its way to your system… While Vista and 7 users are safe, some 60% of PCs still use XP,” Adrian Kingsley-Hughes reports for ZDNet.

“Yes, you read that right – every Windows security product tested,” Kingsley-Hughes reports. “And the list is both huge and sobering.”

“The attack, called KHOBE (Kernel HOok Bypassing Engine), leverages a Windows module called the System Service Descriptor Table, or SSDT, which is hooked up to the Windows kernel,” Kingsley-Hughes reports. “Unfortunately, SSDT is utilized by antivirus software.”

Kingsley-Hughes reports, “Oh, and don’t think that just because you are running as a standard user that you’re safe, you’re not. This attack doesn’t need admin rights.”

Full article here.

MacDailyNews Take: Life’s too short. Stop wasting your time. Stop stressing out. Get a Mac.

[Updated: 1:04pm EDT: Added XP in headline and XP info in first quoted paragraph. Thanks “Islandgirl” for the heads up]

24 Comments

  1. This is music to the ears of IT professionals everywhere. Not only does it make them necessary in the Windows world, it gives them another excuse to consolidate power; “It’s dangerous out there!”

    It’s going to be slow going, but over the next 10 years I believe Windows will eventually be rooted out and eradicated, kind of like Small Pox.

  2. Running Windows is like parking your brand new BMW on a dark street in the ghetto, leaving the windows open, the keys in the ignition, and then walking away.

  3. Shouldn’t some legal eagle begin a class action suit against M$ for having a monopoly on virus, trojans and malware? Inquiring minds want to know!

  4. Only last weekend I finished reading Richard Clarke’s “Cyber War”, which deals with threats to our very vulnerable cyber-infrastructure. He notes some actual government initiated events and some of the very realistic potential scenarios we may be facing.

    He touches on the role played by Windows of course in that overall vulnerability. He also relates Microsoft resistance to pressure to take security more seriously, as over banking security.

  5. Yea, well, some poor saps (like a friend of mine) will never get it. He just bought a 15″ ThinkPad for $630 at Best Buy. The 13″ MacBook Pro costs $1100. He felt he couldn’t justify the extra cost. Just wait till he’s infected and loses everything. I tried to warn him, but that kind of price difference was just too hard to fight.

  6. My standard retort to those who scream that Apple’s OS will soon be as riddled with malware as Windows follows:

    Mac OS is not impregnable. There are currently several Trojans which can be downloaded and run on a Mac. They have to be actively downloaded and run by the user.

    Having said that, OS X is a version of UNIX, which was designed to be networked, unlike Windows, which was designed to be stand-alone. Windows has massive holes and spaghetti code where all sorts of malware can run without the user knowing.

    In UNIX, nothing can run unless it’s been approved to run by an administrator. Also, every piece of software resides in a library, and there are a limited number of them. There’s really not much room to hide; if the virus is not running on the Admin account, very little damage can be done. Read more about that here: http://daringfireball.net/2004/06/broken_windows

    Additionally, Macs are virtually invisible on the internet right out of the box. Even without a firewall on, you are essentially in “stealth mode,” so Macs are safer from crap that’s out there being passed around. “… by default, OS X doesn’t leave many ports open. In contrast, most versions of Windows ship with a bunch of open ports, which is one reason that operating system is a riper target for malicious hackers. And while Leopard leaves open more ports than earlier versions of Mac OS X, so far there have been no known attacks on those default services.” http://www.macworld.com/article/132558/2008/03/connect2504.html

    Because Macs are hard to crack, and Windows is easy, the goons target Windows. But that doesn’t mean they haven’t tried. Read about the “Hack-my-Mac” challenge here: http://www.informationweek.com/news/hardware/mac/showArticle.jhtml?articleID=181502078

    To anyone who uses the illogical argument that the Mac is only malware free because of so little market share, “So? It doesn’t matter what the reason is. Macs are safer. Period.”

  7. Oops. Tried to defeat my own points. Should have concluded with, “So? It doesn’t matter if it’s market share or the reasons I’ve listed. Macs are safer. Period.”

  8. How come no one is talking about Apple Tax anymore? Because it was all BS!!!! This is the real deal. Windows guaranteed TAX that keeps pulling money out of your ass for buying into Windows!!! hahahaha
