Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft's AntiSpyware Disabled by Spyware

Posted by CowboyNeal on from the save-us-windows-update dept.

Ruke writes "A trojan has targeted Microsoft's AntiSpyware program, deleting all files within the C:\Program Files\AntiSpyware folder, as well as logging keystrokes at several online banking sites." The good news is that it's a Trojan, so one still has to bother with running an attached file.

5 of 428 comments (clear)

  1. Yeah by The+Bungi · · Score: 5, Informative
    The good news is that it's a Trojan, so one still has to bother with running an attached file.

    Not that that has ever prevented Slashdot from reporting things like these as "vulnerabilities".

  2. Re:And in other news by Tuxedo+Jack · · Score: 5, Informative

    Believe it or not, someone's actually documented this.

    Norton 2005 gets pimpslapped by a .vbs file WITH SCRIPT BLOCKING ON.

    Warning: Link is to .swf file. Flash player required.

    --

    Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
  3. Re:Its the content, not the wrapping, but.... by JimmehAH · · Score: 5, Informative

    The description at Sophos (an AV firm) might be easier on the brain (i.e. not get anyone's grammar hackles up).

    Troj/BankAsh-A

  4. Re:it *is* vulnurability by Software · · Score: 4, Informative
    It takes a little work, but you can use Windows as a non-administrator. The best resources I've found for setting this up are at Aaron Margosis's blog; see http://weblogs.asp.net/aaron_margosis/ and specifically http://weblogs.asp.net/aaron_margosis/archive/2004 /07/24/193721.aspx

    It's not as easy to use as OSX (or KDE), but it works. I use it everyday on my primary computer. I'll grant that it's not going to help most users (the ones who run every executable sent to them), but for people who want to use good security principles and still install software every once in a while, it's a good thing.

  5. Re:Best Antispyware... by JQuick · · Score: 3, Informative


    Believe it or not, a lot of us are running Windows 2k/XP without these problems.

    I believe you. Large numbers of users are not affected by these problems. However, a large percentage of users are adversely affected. Your experience appears to be atypical.

    Yes, I'm not using IE. Yes, I'm not using Outlook Express. Yes, I'm behind a firewall. I'm not claiming to be 100% secure, but buying a Mac or switching to Linux would do little to improve my computing experience. Never mind the stuff I wouldn't be able to do because I use software that isn't 100% supported.

    How ironic. You describe the safety of your current environment, and dismiss alternatives using identical criteria. You claim that an alternative to windows would not improve your situation, and support this claim by alluding to things which you could no longer do (presumably because you rely on programs which exist only on Windows.) What's ironic is that you do so after implying that you owe part of your safety not running several other programs.

    So, you are comparatively safe, and content with your environment. Good for you, I do not begrudge you that. However, your statements strike me as disingenuous. You blithely gloss over the fact that there are already things you cannot do (programs you cannot run) just to remain safer in your chosen environment.

    Call me old fashioned, but something is terribly wrong when a user cannot use the software bundled with their system, in the way it was intended to be used, without compromising the safety or performance of the system. Computers should serve their users. They should not break or degrade because the user actually runs the software as intended by the designers.

    Your anecdotal evidence suggests that you are not as cozy as you claim. A wider view of the situation suggests that your reported condition is far from the general case.

    A recent study commissioned by AOL and the National Cyber Security Alliance (NCSA), suggested that the majority of home users are adversely affected by spyware and other malware.

    The NSCA is supported by the Homeland Security Department and the FTC. It is also supported by a large number of tech corporations with either financial or political lobbying interest in computer security: the board of directors includes representatives from Cisco, Symantec, RSA Security, McAfee, Microsoft, and Bell South.

    This group strikes me is far from impartial, as each member (public or private) has significant interest in publicizing (or magnifying) certain security risks. These vested interests should suggest we take the report with a grain of salt. Despite this, the results are quite interesting.

    They polled a random sample of (PC using) AOL subscribers and also gained access to their computers to inspect them for viruses and malware. They found that:

    77% considered themselves safe from threats.
    66% had been infected with a virus in the past.
    20% were currently infected with viruses.
    80% were currently infected by spyware (averaging 93 sypwares/host)
    89% of owners with infected PCs were unaware of these conditions.

    The survey's margin of error was +/- 5.4%

    These are home users, business users, and highly technical users are sure to be better protected on average.

    Despite this, the protection of businesses comes at very high costs measured in hardware/software/wages/training. Sophisticated home users also spend additional time and/or money protecting themselves.

    Here are links to pdf files containing a press release and summary of the raw data.

    http://www.staysafeonline.info/news/NCSA-AOLIn-Hom eStudyRelease.pdf
    http://www.staysafeonline.info/news/safety_study_v 04.pdf