New Malware Report Hits Vista's Security Image

An anonymous reader recommends a Computerworld article on a new report from Australian security vendor PC Tools. The company released figures on malware detection by its ThreatFire product, and in its user base 27% of Vista machines were compromised by at least one instance of malware. From the article: "In total, Vista suffered 121,380 instances of malware from its 190,000 user base, a rate of malware detection per system [that] is proportionally lower than that of XP, which saw 1,319,144 malware infections from a user base of 1,297,828 machines, but it indicates a problem that is worse than Microsoft has been admitting to." Microsoft hasn't responded yet to this report.

Re:What kind of malware?

[Dwedit]

How about Wild Tangent bundled games that come with many PCs? Those trip up the spyware detectors too.

Re:What kind of malware?

[nozzo]

Yeah this is an extremely valid point. My Vista PC had 100's of 'malware' items on, all were tracking cookies. So from that someone extrapolates Vista has poor security. sheesh.

Re:What kind of malware?

[setagllib]

Because Wild Tangent is spyware.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:What kind of malware?

[Jesus_666]

Spyware that's hard to defend against. Trojan-style malware doesn't need security flaws to enter the system, thus Vista's new security features won't help much against it.

Re:PR != Security

[JasterBobaMereel]

Users should be prevented from installing programs blindly - Full stop

Users should be informed the program is trying to run as an admin and so has been killed

Users should ask to install a program, be asked for admin password to continue and then go ahead without repeated warnings ....!

Asking for permission to do something means the program was not installed properly (when installed it should request all permissions it will need), or should not be doing it

Windows Vista does all the wrong things
    Prompts for permission on both installed and uninstalled programs repeatedly
    treats an install the same as running a program

Linux/OSX are not perfect but seem to have got the balance more correct (mainly due to a legacy of doing the right thing and so not having to support user programs that assume full admin rights)

Vista and UAC ..

[rs232]

"Vista suffered 121,380 instances of malware"

I thought Vista with UAC didn't get malware. Didn't Allchin say Vista didn't need any anti-virus software.

Re:What kind of malware?

[sm62704]

If these games are spyware and are bundled with the computer, then your computer itself is malware.

Computing must be based on trust unless you have your own chip factory, and even then you have to trust your employees.

If you buy a Dell with Linux on it, Dell can preinstall any rootkits they want and there's no way anyone could find them. You would have to boot from a CD or floppy and repartition the drives and reinstall the OS. Hell, they could install a hardware rootkit and even that wouldn't work.

I'm glad I build my own PCs. I'm going back to vaccuum tubes. Where's my tinfoil hat?

Re:What kind of malware?

[T.E.D.]

Trojan-style malware doesn't need security flaws to enter the system, thus Vista's new security features won't help much against it.

Actually, I got Vista specificaly to stop that kind of malware, and its worked like a champ.

See, I'm generally sharp enough not to put malware on my own system. The problem is that my kids use the computer while I'm at work, and they like to install "free" stuff they find online. Since you can't do a damn thing in XP w/o running as admin, there was no stopping this.

With Vista UAC you can run as an unprivelged user. If a program wants to install something, it will prompt for the admin password. If its me and I really want that install to happen, I enter the admin password and it proceeds as normal. If its one of my kids running, they call me at work begging for the password, and I tell them to go jump in a lake.