Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Microsoft Asserts Vista Was Flawless

Microsoft has confirmed that 'Vista' can succumb to malware belonging to the year of 2004, but asserts it is not a flaw in the operating system.

Security vendor 'Sophos' on November 30, 2006 reported that it was possible to exploit Microsoft's 'Vista' by at least three items of malware. Two of them date back to 2004. The three popular Internet worms labeled by Sophos as 'Stratio-Zip', 'Netsky-D', and 'MyDoom-O' are able to run on the operating system.

Microsoft has come under great pressure that it has been compelled to ship much more restrictive code. The company is sure that this will resolve many of its security issues. Also, if it denies access to the Windows' core part, the 'kernel', is a must if the company wants to accomplish its security goals.

Russ Cooper, a 'senior information security analyst' at 'CyberTrust' said, Microsoft is totally mistaken that it will be able to provide patches for 'Vista beta testers', in any other form than 'official beta tester channels'.

Both McAfee and Symantec have expressed impatience saying Microsoft has taken too long to provide the detailed API information. They need this information so that they can make their products ready and suitable for 'Vista'. Microsoft, however, disagrees with it and said it was one part of its operating system, which was going through modifications.

But as these attacks depend on 'user interaction' to run the code, Microsoft has declared the flaw to be untrue. Microsoft said these types of attacks actually rely on social engineering techniques to succeed.

Although Microsoft did not blame third-party e-mail clients for this problem, the company said 'User Account Control' (UAC) could help to give better protections. UAC restricts users' ability to install applications that do not have 'administrator privileges'. IT managers can run those 'Vista end-user accounts' that have limited "standard user" privileges, while possibly not those having 'administrator privileges'. These accounts also alert for security measures when trying to run executable code.

On December 1, 2006, Microsoft had to defend itself against charges that it had stepped back from its promise to make Windows Vista adjustable with third-party security products and that IE7 was vulnerable.

Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails

» SPAMfighter News - 12/11/2006

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page