Sophos Claim: One-Third Of November's Malware Can Breach Vista
Although Vista's integrated e-mail client stopped all 10 pieces of malware that made November's list of most common threats, three bypassed Vista's built-in defenses when a third-party e-mail client was used.
As Microsoft touted Windows Vista's improved security at the operating system's U.S. launch on Thursday, a security vendor said that a third of the month's top 10 exploits can successfully infect a Vista-equipped PC.
"Vista's baseline protection is adequate, and the operating system will be great for people who don't have any protection at all, but there will continue to be the need for additional security," says Ron O'Brien, a senior security analyst with Sophos.
Although Vista's integrated e-mail client—dubbed Windows Mail to separate it from the now-defunct Outlook Express—stopped all 10 pieces of malware that made Sophos' November chart, three bypassed Vista's built-in defenses when a third-party e-mail client was used. The trio that managed to hit Vista—Stratio.zip (aka Stration), Netsky.d, and MyDoom.o—accounted for nearly 40% of the malware volume Sophos detected in the month.
"No operating system is 100% secure," says O'Brien. "But hopefully Vista will contribute to the decline in some types of malware."
Sophos' results echo comments made Wednesday by other security analysts, who predicted that new security techniques and technologies in the operating system will prevent some kinds of exploits, but do little to prevent social engineering-style attacks that rely on duping users into visiting Web sites or opening e-mailed file attachments.
"These aren't exploiting a vulnerability," notes O'Brien; instead, they rely on user interaction to infect or hijack a PC.
O'Brien says Vista will soon be in hackers' crosshairs. "It won't be long before cybercriminals develop Vista-specific malware or modify current threats to fit the bill," he predicts. "Stratio.zip, for example, remains on the top 10 due to constant, minor alterations to its code that force security systems to re-identify the malware."
Stratio.zip, which held the top spot and accounted for a third of all e-mailed malware in November, replaced the long-running big dog, Netsky.p, a worm that first appeared in 2004. "Netsky.p is proof that there are a large number of unprotected machines out there," says O'Brien. "Even the most basic [antivirus] protection would prevent Netsky from propagating."
Netsky.p, which took second place in Sophos' November top 10, accounted for 15.6% of all malware. Bagle.zip, Zafi.b, and Netsky.d held down the third through fifth spots, respectively.
In other security news Thursday, most of the major antivirus vendors announced that their product lines supported the just-introduced Windows Vista. Symantec and CA, for example, both touted new enterprise software that runs on Vista; the former said it would ship Vista-ready titles in December. Meanwhile, Trend Micro told customers that although it hadn't wrapped up Vista development, betas of its Vista-enabled antivirus title still were available.