Windows Vista and the coming criminal diaspora

Robert Vamosi CNET

Published: 04 Dec 2006


Last week, Microsoft finally released Windows Vista to its business customers (retail consumers will have to wait until January 30, 2007). Security experts seem to agree that Windows Vista will be more secure than Windows XP. Further, the release of Windows Vista has shaped many security vendors' predictions of what lies ahead for 2007 and beyond. Basically, if you've become used to criminals hitting Windows XP, hold on to your seats -- it's going to be a wild ride as the bad guys leave Windows and move on to other applications.

Security skirmish
In anticipation of the release, Jim Allchin, co-President of the Platform Products and Services Group, made an aside during one press interview — a single comment that has received far more attention than anything else said in the interview. Allchin said that his seven-year-old was running a locked-down version of Microsoft Windows Vista without antivirus software. That's a pretty bold statement from a company that only recently started selling its own antivirus protection.

As you can imagine, any comment suggesting that third-party antivirus software might be unnecessary with Windows Vista prompted considerable noise from the antivirus community, with some security vendors already incensed by Windows Vista's PatchGuard kernel protections. But one security vendor, Sophos, actually took Allchin to task.

Vista is both secure and vulnerable
Researchers at Sophos discovered that four Internet viruses and worms — Stratio.zip, Netsky.d, and MyDoom.o — were able to execute on the Windows Vista system when an email client other than the one native in Windows Vista was used. The viruses date back to 2004, but collectively they comprise 39.7 percent of all malware still circulating on the Internet today. The researchers found that Windows Mail Client, which replaces Outlook Express within Windows Vista, was very effective in stopping these viruses and worms, in part because the client is smart enough to recognise and stop double extensions, a trick used by these particular mass mailers.

However, when the researchers used third-party clients, such as Lotus Notes and Web-mail applications, the malware samples were able to take root in the unprotected Windows Vista environment. Sophos recommends that businesses upgrade from Windows XP to Windows Vista because Windows Vista is more secure, but upgraders and early adopters should do so in recognition that Vista systems will still need antivirus, firewall and other security protection, as Windows Vista is not foolproof.

Et tu, Mac OS?
Oliver Friedrichs, director of emerging technologies at Symantec Security Response, predicts that new defences within Windows Vista against buffer overflows should shut down some current methods of attack. Echoing Symantec's views, McAfee and other vendors are predicting that criminal hackers will turn away from operating system flaws and return to more traditional (and lately neglected) targets. Consider the recent attacks against Microsoft Office. But we've also seen fresh attacks against RealNetworks streaming video and Adobe Web products (Flash, Reader and Shockwave).

When criminal hackers look beyond Windows, they'll also start focusing seriously on Macs. Symantec recently published a report detailing vulnerabilities within Mac OS X. In The Mac OS X Threat Landscape: An Overview, which is available to members of Symantec's DeepSight subscription service, Symantec suggests that increased hacker scrutiny of Mac OS X will yield results. Mac OS X is based on FreeBSD, with an underlying kernel known as Darwin, a Mach-based kernel. Mac OS X integrates functionality from BSD and Mach and inherits much of the same security — and therefore many of the same security flaws — as Unix-based operating systems. Vulnerabilities so far discovered within Mac OS X have included privilege escalation, client-side code execution and remote code execution.

And games, too
Recently, the online game Second Life suffered a worm. Security experts I've spoken with weren't surprised; wherever there's money, the criminals will follow. Currently, there's a lot of money (both real and virtual) in the online gaming community.

I think Windows Vista plays only a small part in this new criminal diaspora. There was a lull in malware during the year after Windows XP came out. I've always thought that criminals were just getting used to the new OS. But computer criminals have become far more sophisticated, well beyond our image of a lone hacker sitting in his parents' basement, and I think we won't see such a lull in 2007. With criminals dedicated to looking at flaws within different operating systems and within specific applications, I think I'm going to be busy in the coming months.
