http://www.informationweek.com/news/windows/operatingsystems/showArticle.jhtml?articleID=207601217 By Thomas Claburn InformationWeek May 8, 2008 Microsoft (NSDQ: MSFT)'s Vista operating system is more susceptible to malware than Windows 2000, and though it's 37% more secure than Windows XP, it's still too vulnerable. That's the contention of security vendor PC Tools Software, which has a financial interest in the vulnerability of Microsoft's software. "Ironically, the new operating system has been hailed by Microsoft as the most secure version of Windows to date," said Simon Clausen, CEO of PC Tools, in a statement. "However, recent research conducted with statistics from over 1.4 million computers within the ThreatFire community has shown that Windows Vista is more susceptible to malware than the eight year old Windows 2000 operating system, and only 37% more secure than Windows XP." According to statistics gathered from users of PC Tools' ThreatFire security service, Vista let 639 threats per thousand computers through, compared with 586 for Windows 2000, 478 for Windows 2003, and 1,021 for Windows XP. ThreatFire is an anti-malware system that tries to block malicious software based on its behavior rather than by signature matching. Given an infection rate of 639 per 1,000 PCs, almost 64% of Vista users should have compromised machines. Michael Greene, VP of product strategy for PC Tools, said that the malware identified had "gotten to the desktop and to the point of doing something bad." He said that he didn't have the ThreatFire data immediately accessible but said that presumably some of the monitored machines also had third-party antivirus software that missed the malware. That tendency, the inability of signature-based antivirus systems to keep up with auto-generated malware variants, is the reason PC Tools developed ThreatFire, Greene explained. A Microsoft spokesperson questioned whether PC Tools' methodology conforms with Microsoft's methodology. "We appreciate independent studies and encourage researchers to help us make our products more secure; however, this is a study by a vendor of anti-malware products," a Microsoft spokesperson said in an e-mailed statement. "ThreatFire vulnerability comparison numbers certainly don't reflect our vulnerability findings from the malicious software removal tool (MSRT), which ran on over 400 million machines in December 2007. >From June 2007 through December 2007, the MSRT found malware on 2.8% of the Windows Vista machines it ran on, vs. 7.2% of Windows XP SP2 machines. It found malware on 5% of Windows 2000 SP4 machines and 12.2% of Windows 2000 SP3 machines. Note that for Windows 2000 this spans both client and server machines." _______________________________________________ Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Fri May 09 2008 - 05:55:30 PDT