Microsoft's AntiSpyware Disabled by Spyware

Ruke writes "A trojan has targeted Microsoft's AntiSpyware program, deleting all files within the C:\Program Files\AntiSpyware folder, as well as logging keystrokes at several online banking sites." The good news is that it's a Trojan, so one still has to bother with running an attached file.

Re:MS Software crap? Really?

[Anita+Coney]

Windows runs in root. That means that by default all user accounts are created will full administrative access.

OSX and Linux (and nearly every other OS under the sun) creates user accounts with limited rights. That means things cannot happen without your specific permission.

In Suse 9.2, for example, when I need to do something like that requires root access, I'm asked to supply a password.

A similar thing happens in OSX. When you install software you're asked for a password.

Accordingly, by default Windows is less secure as programs can install and system settings can change behind your back and without your permission.

I admit that Windows gets a lot of attacks because it's a big target. However, everyone has to realise that a lot of the attacks occur simply because Windows is insecure by default.

Re:Sure it's a Trojan? Is it spyware?

[LiquidCoooled]

I think this is very ease to solve in its preferences.

A simple role selection box.
Make it default to current "careful" practice.
Allow the option to change to tolerate all known valid adware, but remove trojans, this leaves the mild things on for kids with desktops and novelty crap.
Possibly a stronger option for workplaces etc which basically deletes anything even remotely compromising.
Have the strongest option locking the machine to the working set of executables at installation time.

Windows is with us, running as admin is unfortunate, but a great many people worldwide do, we can't change that, so lets protect them as much as possible :)

Let the user decide.