Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Malware Report Hits Vista's Security Image

Posted by kdawson on from the cracks-in-the-armor dept.

An anonymous reader recommends a Computerworld article on a new report from Australian security vendor PC Tools. The company released figures on malware detection by its ThreatFire product, and in its user base 27% of Vista machines were compromised by at least one instance of malware. From the article: "In total, Vista suffered 121,380 instances of malware from its 190,000 user base, a rate of malware detection per system [that] is proportionally lower than that of XP, which saw 1,319,144 malware infections from a user base of 1,297,828 machines, but it indicates a problem that is worse than Microsoft has been admitting to." Microsoft hasn't responded yet to this report.

12 of 258 comments (clear)

  1. What kind of malware? by J_DarkElf · · Score: 5, Insightful

    Malware is not defined anywhere in the article. I know from experience that some "malware" scanners tend to mark even cookies (such as Doubleclick's) as malware, which will appear on any computer.
    I would also like to see how many of these "infected" computers had UAC and automated updates turned off.

    Looks like just another Vista bashing article (so it will no doubt be really popular here).

    1. Re:What kind of malware? by nozzo · · Score: 5, Interesting

      Yeah this is an extremely valid point. My Vista PC had 100's of 'malware' items on, all were tracking cookies. So from that someone extrapolates Vista has poor security. sheesh.

  2. I don't think this article will be popular by patio11 · · Score: 5, Funny

    After all, the survey missed classifying Vista as malware -- how accurate could it possibly be?

    --
    Help poke pirates in the eyepatch, arr.
  3. Re:the problem is combining ... by J_DarkElf · · Score: 5, Informative

    No need to slam Vista (or Windows in general) -- the problem is combining a dumb user with /any/ OS he can get admin rights on.

    No matter how good your antivirus/antispyware/OS, once an idiot user figures out that by closing a certain app or clicking "yes" somewhere he can run the funny application he got by e-mail, he will do so, and the system is potentially infected.

  4. Wait a moment... by hyperz69 · · Score: 5, Funny

    Vista Had a Positive Security Image?

  5. Re:Self-selection bias? by joelstobart · · Score: 5, Informative
    Seriously,

    27% of all the machines were owned by a marketing company. Its sunk in.

    Sudo copied Windows - hmmmm ... "Sudo was originally written by Bob Coggeshall and Cliff Spencer "around 1980" at the Department of Computer Science at SUNY/Buffalo".

    As for the virus remark - Its more difficult to write Linux viruses. User level permissions are more rigorous. The browsers don't have ActiveX. People who use Linux tend to know what a firewall is; and don't click yes in reply to "would you like to install" dialogues so much.

  6. Re:PR != Security by Kalriath · · Score: 5, Informative

    Vista has one and only one major security-impacting feature - The "Train users to always click yes" interface to privilege escalation. And I feel confident saying that very, very few
    of us consider that a "good" thing. Get users on Linux, and we'll be seeing the "Train users to always click yes (or in CLI mode, prefix with "sudo") approach to privilege escalation"

    Wait, that sounds familiar. Oh, wow! Both my post and yours are virtually identical!

    Seriously, people bash UAC, but it's pretty much identical to sudo.
    --
    For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
  7. Consider the source by Gadget_Guy · · Score: 5, Insightful

    So a company that sells security software puts out a press release to say that you still need to buy their software even if you run Vista. I can't think of a single ulterior motive that they might have to do this!

    How many of the anti-virus companies don't issue doom-and-gloom style press releases? It is just their way of drumming up business. I would rely on these figures as much as I would rely of Microsoft's "research" that might suggest that Vista is completely immune to any security issue. The truth lies somewhere in between - which shouldn't surprise anybody.

    And before anyone jumps down my throat, no Microsoft didn't says Vista was that perfect.

  8. technical limitation by CarpetShark · · Score: 5, Funny

    After all, the survey missed classifying Vista as malware -- how accurate could it possibly be?


    This was my first thought too. But then I realised that they've obviously omitted that fact on purpose, to solve an infinite recursion paradox:

    Vista is malware
    Vista can host malware
    Therefore vista is self-hosting

    Vista is unstable
    Therefore, vista can't host a stable OS
    Therefore Vista can't host itse..

    Oh, never mind. It works out just fine.

  9. Comment removed by account_deleted · · Score: 5, Interesting

    Comment removed based on user account deletion

  10. Re:PR != Security by pla · · Score: 5, Insightful

    Seriously, people bash UAC, but it's pretty much identical to sudo.

    Key difference - Using sudo represents an active request by the user for privilege escalation. Telling UAC to continue approves apassive request that the user might not actually have made (or known they made). When enough of them pop up at random times, it conditions the user to just say okay to make it go away - By comparison, no one would ever just randomly sudo a command for the hell of it.

  11. And that, my friends... by patio11 · · Score: 5, Insightful

    ... is a +5, "Telling Slashdot what it likes to hear" moderation.

    -- Posted from my Vista machine ;)

    --
    Help poke pirates in the eyepatch, arr.