arstechnica.com — New security features of Windows Vista have yet to prove themselves, but Microsoft's Mark Russinovich says that Vista should cause viruses and malware to "evolve" to cope with the changes. In short, malware isn't going away anytime soon.
Apr 30, 2007
dvdcr May 1, 2007
Vista more secure than OS X? BS http://digg.com/apple/Hack_a_Mac_Contest_Winner_Vista_More_Secure_than_Mac_OS
sid0 May 1, 2007
What do you mean by "trivial to get admin access in Vista"?
markdr123 May 1, 2007
"In short, malware isn't going away anytime soon."

No s**t, Sherlock.
miothegreat May 1, 2007
"User mode malware still has access to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, so yes it will be able to run again after reboot (for that user)."

Fortunately, it's easy to stop things that are there from starting. If malware has access to the entire system, there are many far more insidious and difficult to find ways to get something bad to run at startup.
gatesisgangsta May 1, 2007
Yes, that's right. Why are people so dumb? If you exercise common sense you will be all good. I hate retards that click on random BS that shows up: "Buy My AV program".
grumpyrain May 2, 2007
> So UAC annoys the s**t out of you, and it can't stop malware anyway, which is its purpose?

Why can't it stop malware? I think you miss the point of Mark's blog. He is saying that most malware techniques in use today are impotent inside the UAC sandbox, because they require that the user has security permissions to modify certain files or registry keys, or at the very least require that the user click Allow. (Only time will tell whether social engineering will teach people to always click allow). Malware will continue to occur because there are dodgy organisations who want botnets to flood your inbox with pen1s enl@rger emails, and there are script kiddies with a chip on their shoulder and a point to prove. UAC means that they have to find some other way to convince the user to run them (social engineering), or they need to find some other attack vector to what is used today (largely mass mailed worms or trojans).

Will UAC prevent all malware? Only a fool would argue that to be the case.

Will UAC make it harder for malware to spread? Yes.

Quoting Mark Russinovich:

> Because elevations and ILs don't define a security boundary, potential avenues of attack, regardless of ease or scope, are not security bugs. So if you aren't guaranteed that your elevated processes aren't susceptible to compromise by those running at a lower IL, why did Windows Vista go to the trouble of introducing elevations and ILs? To get us to a world where everyone runs as standard user by default and all software is written with that assumption.
chrismgtis May 3, 2007
At least most of you can agree that any sort of malicious software created in the future will... wait for it... be created to work against the new protections offered by new operating system versions and updates. Are we surprised? Did the rest of you expect malicious software writers to code for the software to work on DOS in the year 2007? I honestly would not be surprised if that is what so many of you believe. Yes, no software is secure. End of story. As someone has said, the weakest link is the user. Do you want a secure network? Educate your user. Do you want to stop receiving SPAM and getting hit with spyware and virus infections? Well, you obviously had to learn how to use your DVD player to watch those movies so you could sit on your ass on that couch all day long. Learn how to use a f**king computer.