Slashdot Mirror


Russinovich Says, Expect Vista Malware

Hypertwist writes "Despite all the anti-malware roadblocks built into Windows Vista, Microsoft technical fellow Mark Russinovich is lowering the security expectations, warning that viruses, password-stealing Trojans, and rootkits will continue to thrive as malware authors adapt to the new operating system. Even in a standard user world, he stressed that malware can still read all the user's data; can still hide with user-mode rootkits; and can still control which applications (anti-virus scanners) the user can access. From the article: '"We'll see malware developing its own elevation techniques," Russinovich said. He demonstrated a social engineering attack scenario where a fake elevation prompt can be used to trick users into clicking "allow" to give elevated rights to a malicious file.'"

17 of 193 comments

  1. Actually by Anonymous Coward · · Score: 5, Funny

    I'm really quite surprised by this.

    1. Re:Actually by Anonymous Coward · · Score: 1, Funny

      > unless I'm misunderstanding somewhere...?

      No, I think you're just misunderestimating Windows.

    2. Re:Actually by ady1 · · Score: 3, Funny

      mighty tree falling in the middle of a forest, with no one to hear it. Surely you can examine the logs later on.
    3. Re:Actually by poot_rootbeer · · Score: 2, Funny

      What if Microsoft wrote a new OS, and no one bothered writing applications for it, not even malware?

      IBM would probably take custody of it after their partnership with Microsoft dissolved, and it would become the OS of choice for ATMs and financial workstations for years to come.

  2. Well, no shit by hairykrishna · · Score: 4, Funny

    In similar news, despite a wide variety of new content, online pornography remains disproportionately popular.

    --
    "Physics is to math as sex is to masturbation." -R. Feynman
  3. The "anti" strikes again. by Anonymous Coward · · Score: 2, Funny

    "He demonstrated a social engineering attack scenario where a fake elevation prompt can be used to trick users into clicking "allow" to give elevated rights to a malicious file.'"

    Good thing geeks are anti-social.

  4. Vista malware by psaunders · · Score: 5, Funny

    > Russinovich Says, Expect Vista Malware

    Old news. Vista has been available for months now.
    --
    Karma police, arrest this man. He talks in math. He buzzes like a fridge. He's like a detuned radio.
  5. Smilies by yotto · · Score: 4, Funny

    So you're telling me I shouldn't have installed these smilies? Here, let me try a typical smiley face. :-@*&^^^ NO CARRIER

  6. Duh! by Cervantes · · Score: 4, Funny

    From the "No fucking shit, sherlock" file...

    Malware writers will write malware for the latest OS? And they'll try and find ways around the blocks? And in the millions of lines of code, they'll find a weakness and succeed? Holy shit, I never would have guessed!!

    Seriously, sometimes when I read Slashdot, a small part of my brain cries out in pain, and then is silent forever.

    --
    If I knew the wedgies I gave you back in 6th grade would have resulted in this . . . I might have taken a moment's pause.
    1. Re:Duh! by Workaphobia · · Score: 4, Funny

      > "Seriously, sometimes when I read Slashdot, a small part of my brain cries out in pain, and then is silent forever."

      This was only the first in a sequence of articles, the next being "Hackers can break into unsecured wireless routers."

      The Jedis are going to feel this one.

      --
      Evidently, the key to understanding recursion is to begin by understanding recursion. The rest is easy.
  7. Standard plug-in joke #3: by Black+Parrot · · Score: 4, Funny

    In Russinovich, malware attacks Vista.

    --
    Sheesh, evil *and* a jerk. -- Jade
  8. Re:And ... ? by WrongSizeGlass · · Score: 3, Funny

    What is your answer to AFTER the box has been cracked? I've found that super glue works pretty well, but nothing is as good as blue duct tape. Blue duct tape rules.
  9. pfffft.. by Jose · · Score: 5, Funny

    malware tends to only be available for popular OS's! I am sure that Vista will remain safe from such attacks.

    --
    The basic sleazeware produced in a drunken fury by a bunch of UCBerkeley grad students was still the core of BIND. --PV
  10. Re:Why the, extra comma? by Petrushka · · Score: 2, Funny

    Oh, that's easy: because it takes a lot longer to type " ... &quot; than it takes to type " ... " into the <title> tag. (Though that's still not as long as it took me to type this comment.)

  11. Security through obscurity by EmbeddedJanitor · · Score: 4, Funny

    Well, to hack/infect/trojan a Vista system you first have to find one. Considering the high switchback rate to XP that's going to be harder than previously expected.

    --
    Engineering is the art of compromise.
  12. Re:The real role of WinFS by inviolet · · Score: 2, Funny

    WinFS and precursors have been promised in all versions of Windows since the early 1990s (except probably ME). [...]

    I'm guessing that Duke Nukem Forever is dependent on some unique feature of the WinFS filesystem...

    --
    FATMOUSE + YOU = FATMOUSE
  13. Re:And ... ? by WrongSizeGlass · · Score: 2, Funny

    You can find blue duct tape on this new intertube place called Google. My mechanic uses some magic blue duct tape he refers to as "100 MPH tape" ... which is why I never let him tow my car.