Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Malware Report Hits Vista's Security Image

Posted by kdawson on from the cracks-in-the-armor dept.

An anonymous reader recommends a Computerworld article on a new report from Australian security vendor PC Tools. The company released figures on malware detection by its ThreatFire product, and in its user base 27% of Vista machines were compromised by at least one instance of malware. From the article: "In total, Vista suffered 121,380 instances of malware from its 190,000 user base, a rate of malware detection per system [that] is proportionally lower than that of XP, which saw 1,319,144 malware infections from a user base of 1,297,828 machines, but it indicates a problem that is worse than Microsoft has been admitting to." Microsoft hasn't responded yet to this report.

3 of 258 comments (clear)

  1. Re:the problem is combining ... by J_DarkElf · · Score: 5, Informative

    No need to slam Vista (or Windows in general) -- the problem is combining a dumb user with /any/ OS he can get admin rights on.

    No matter how good your antivirus/antispyware/OS, once an idiot user figures out that by closing a certain app or clicking "yes" somewhere he can run the funny application he got by e-mail, he will do so, and the system is potentially infected.

  2. Re:Self-selection bias? by joelstobart · · Score: 5, Informative
    Seriously,

    27% of all the machines were owned by a marketing company. Its sunk in.

    Sudo copied Windows - hmmmm ... "Sudo was originally written by Bob Coggeshall and Cliff Spencer "around 1980" at the Department of Computer Science at SUNY/Buffalo".

    As for the virus remark - Its more difficult to write Linux viruses. User level permissions are more rigorous. The browsers don't have ActiveX. People who use Linux tend to know what a firewall is; and don't click yes in reply to "would you like to install" dialogues so much.

  3. Re:PR != Security by Kalriath · · Score: 5, Informative

    Vista has one and only one major security-impacting feature - The "Train users to always click yes" interface to privilege escalation. And I feel confident saying that very, very few
    of us consider that a "good" thing. Get users on Linux, and we'll be seeing the "Train users to always click yes (or in CLI mode, prefix with "sudo") approach to privilege escalation"

    Wait, that sounds familiar. Oh, wow! Both my post and yours are virtually identical!

    Seriously, people bash UAC, but it's pretty much identical to sudo.
    --
    For a site about things like basic rights, Slashdot users sure do like to censor "dissent".