Slashdot Mirror

← Back to Stories (view on slashdot.org)

Russinovich Says, Expect Vista Malware

Posted by kdawson on from the UAC-be-damned dept.

Hypertwist writes "Despite all the anti-malware roadblocks built into Windows Vista, Microsoft technical fellow Mark Russinovich is lowering the security expectations, warning that viruses, password-stealing Trojans, and rootkits will continue to thrive as malware authors adapt to the new operating system. Even in a standard user world, he stressed that malware can still read all the user's data; can still hide with user-mode rootkits; and can still control which applications (anti-virus scanners) the user can access. From the article: '"We'll see malware developing its own elevation techniques," Russinovich said. He demonstrated a social engineering attack scenario where a fake elevation prompt can be used to trick users into clicking "allow" to give elevated rights to a malicious file.'

3 of 193 comments (clear)

  1. An Expected Approach by gooman · · Score: 5, Insightful

    He demonstrated a social engineering attack scenario where a fake elevation prompt can be used to trick users into clicking "allow" to give elevated rights to a malicious file.

    That is the scenario I have been envisioning since I first installed RC1. Microsoft is conditioning users to agree to about anything by having so many intrusive pop-ups. People just want to get on with their computing experience. Maybe they will read the warning a few times at first, but after a short while they just respond without reading because that is how they get to the next step. Of course malware writers will use this method, it is almost as if Microsoft has given them a gift.

    --
    "Kittens give Morbo gas!"
  2. User Mode Rootkits? by WiseWeasel · · Score: 5, Insightful

    From the summary:
    "malware... can still hide with user-mode rootkits"

    Did that strike anyone else as odd? User mode rootkits... wouldn't that be "userkits", or just trojans/viruses/malware? If it doesn't have root access, I don't think you can call it a rootkit.

    --
    "I like systems, their application excepted", George Sand (French)
  3. So, why weren't they saying this BEFORE release? by dpbsmith · · Score: 5, Insightful

    Funny how it's all happy-talk before release, and it's only afterwards that they start to "lower expectations."

    Remind me again, what was supposed to be so good about Vista? Oh, yeah, all the stuff like WinFS that somehow never happened.

    And when people pointed that out, the answer was "but the really important thing is security, which Vista does have."

    --

    "How to Do Nothing," kids activities, back in print!