forums Check out our forums for fast, friendly, computer advice from tech experts. | feeds Add to My AOL, MyYahoo, Google, GeeksToGo
geek ('gēk), noun.
1. Obsessive Computer User: somebody who enjoys or takes pride in using computers or other technology, often to what others consider an excessive degree
2. Someone with greater than normal computer skills.

Geeks To Go

Windows Vista and protection from malware

20 Dec, 2006  Posted by Blair in Microsoft, Operating Systems, Security

On November 30, Sophos issued its monthly report on the top ten threats reported to them in November of 2006. As a part of this, Sophos also studied Windows Vista’s vulnerability to these malware threats. I found the information and press discussion confusing, so I thought I would clarify what this really means for customers.

In order to understand what was really going on here, I asked the team to go look at the technical facts behind the story, and that started in the lab. We began by observing first-hand how these various forms of malware affect a Windows Vista system using a machine that was configured with the default settings and without any additional security software. What we found was that if you are using only the software in Windows Vista (e.g., Windows Mail and no add-on security software), then you are immune to all ten of the malware threats that Sophos cited.

If you are using Microsoft Outlook or a third-party email client that blocks execution of known executable formats, then a user running Windows Vista is not vulnerable to eight of the ten malware threats. In the case of the ninth piece of malware, Bagle-Zip, the malware is able to run because it uses the .ZIP file format which some mail programs do not block. In the case of the tenth piece of malware, Mydoom-O, the malware is sometimes able to run because it randomly chooses the file type to which to distribute its payload and sometimes that file type is an executable inside a .ZIP file, which some mail programs do not block. In both cases, this is a function of the e-mail software, not Windows Vista. That said, even when a user receives a mail infected with Bagle-Zip or Mydoom-O in the .ZIP file format, in order for the malware to affect the system, the user must first explicitly open the .ZIP file and then explicitly run the executable file that’s contained inside the .ZIP file — there is no way for this to happen without two steps of user action. If you happen run a third-party email client that does not block known executable formats, then you may also be vulnerable to Netsky-D.

View: Full Story Via: Windows Vista Blog


Related Posts:

Leave a Comment

Name: (Required)

E-mail: (Required)

Website:

Comment: