Symantec: Out of the Box, Vista Prone to Legacy Threats

Symantec Security Response has spent months throwing every hack but the kitchen sink at Microsoft's Vista operating system, and on Feb. 28 it released a series of papers that showed just how bloodied or victorious Vista remained. The result: "There are existing codes that can survive Vista without being modified—[certain] keyloggers, worms, Trojans, and spyware are able to survive," said Symantec Research Scientist Ollie Whitehouse in an interview with eWEEK.

The current threat level of the Vista security-resistant malware is "relatively low," Whitehouse said, but he said that out of the box, Vista already has several legacy threats. "It won't take much for [those] to evolve," he said. This is in spite of Microsoft's years of work and investments in new security technologies, which Symantec predicted will result in "fewer instances of widespread worms that target core Windows operating system vulnerabilities," researchers wrote in one report, "Microsoft Windows Vista and Security."

News source: eWeek


25 Comments


Seriously, so what about Symantec passing for VB100? If you put a program on your computer that CRIPPLES your computer LIKE A VIRUS, then there is no purpose. Doesn't take a genius to figure that out.

Symantec you didn't get the kind of kernel you wanted, well booo-hooo
But quit your freakin' whining.

Slows your machine and needs tremendous exorcistic counseling

Zyphrax said,
Symantec you didn't get the kind of kernel you wanted, well booo-hooo
But quit your freakin' whining.

Slows your machine and needs tremendous exorcistic counseling


HAHAHAH!!!
Fantastic!

I seriously don't understand the PR team over at Symantec.
They know about everyone aside from granny Jane Doe knows their products are useless, yet they spend their workdays bashing Microsoft. It's like Apple all over again.

Oh Symantec... if I had a choice between having a virus or your software I'd pick the virus. Less damage to the computer that way.

Well, the thing that isn't mentioned is... Is that "keyloggers, worms, Trojans, and spyware" can survive in Vista because it has to support applications that do that. If you completely wipe out the API to "capture" keyboard/mouse input... You've successfully removed support for custom keyboards/mice/etc... I also don't know how many games 'hook' the keyboard input, but I'm sure it'd also remove support from those as well.

There is no certain way for a computer to find out if an application is doing something as part of its normal operation or because the program is malicious. The only way to stop programs like that is to either never browse/read email and generally keep your computer unplugged and never install anything on to it from any media. Unless you want to always run in a guest type account without any execute/write permissions except for a couple "approved" exes.

Anyway, I personally believe articles like this are pure FUD. Malware is a user issue, not an OS issue. The only thing the OS can do is let the user know that it's there. (taskmgr)

lol keep in mind this is SYMANTEC, so we must believe what they say.

....I also remember how their OWN software fails to pick up about 70% of viruses on a computer. Oh and the massive memory usage, crippling windows. eh never mind...

I like how everyone calls "FUD" on anything that might imply there is a problem with a Microsoft product, then in the very same post spreads FUD back.

Symantec is VB100 certified on all four Windows platforms tested (XP through VISTA). You might need to register to that site, but please do. It will open your eyes. Microsoft's own OneCare did not certify VB100 this last round - it failed on Vista (I am sure this is already known to someone as well-versed as you, right?).

Incidentally, you can see Symantec's history here. They have had 100% (that is flawless, by the way) detection in tests (conducted roughly 4x a year) since November 1999 (before that, they were hit-or-miss). Please, don't take my word for it. Register and compare all these product test results yourself!

Yes, I see FUD being spread here, indeed...

Incidentally, you can see Symantec's history here. They have had 100% (that is flawless, by the way) detection in tests (conducted roughly 4x a year) since November 1999 (before that, they were hit-or-miss). Please, don't take my word for it. Register and compare all these product test results yourself!

Unfortunately, your links give me a 500: Internal Server Error, so I can't check them.
The difference in my post accusing them of FUD and them is that they base it on speculation ("it won't take long for them to evolve"... wtf?), and I base mine on real user product reviews.

But you go ahead and use your VB100 certified products. I sure won't and would rather objectively look at the situation...
http://tech.cybernetnews.com/2006/09/04/an...t-antivirus-is/ (147000+ virus test)

^-- Not uncommon results.

After switching to NOD32, my micro-lockups all the time in Firefox and other apps suddenly disappeared too, and that's neither lies nor exaggerations. I wonder why that happened...

Jugalator said,
But you go ahead and use your VB100 certified products. :)
I don't. Most don't run in Linux. ;)

I just hate to see people spreading crap (and anecdotal evidence doesn't rank very high to me, either).

Jugalator said,
But you go ahead and use your VB100 certified products. I sure won't and would rather objectively look at the situation...
http://tech.cybernetnews.com/2006/09/04/an...t-antivirus-is/ (147000+ virus test)

^-- Not uncommon results.

After switching to NOD32, ...


Interesting test. Direct link: http://www.virus.gr/english/fullxml/default.asp?id=82
Not surprised to see Kaspersky on the first place, it's clearly the best
According to this test though, you'd have to be pretty damn stupid to use Nod32, as it only reached a pitiful 10th place
Ok, so it's (supposedly) good at catching unknown viruses, but what good is that when it sucks at catching known viruses? x)

Not surprised to see Norton down on place 22 either. I'm sure if OneCare was on that list, it would fare even worse, as it even failed at the VB100 test

Why's Symantec (and mostly just Symantec!) spreading so much FUD about Vista?

I'm guessing they're intimidated by its improved security features with things like UAC, random process addressing, improved firewall, built-in anti-malware, ... and think it threatens their market. But in either case, I think they'd look more professional if they just focused on working on their own software instead of making "statements" about this and that. Because there's a lot of work to do there!

I can only say that out of the box, Symantec products can cause numerous problems.

Regardless of how their software works or if it even strangles your cat, if they know something about Vista security that isn't right then people need to know.

I agree, Symantec needs to leave it alone. You don't see Microsoft releasing statements about Symantec's software being bloatware, right? Of course, everyone already knows it, so I guess it would be a moot point...

betasp said,
Their job is to make sure people can FEEL secure about their machines. Are they lying, no YES. Then there is no LOTS of FUD here.

There...fixed that for you.

betasp said,
Their job is to make sure people can secure their machines. Are they lying, no. Then there is no FUD here.

No, not FUD, but just typical Symantec saying what they need to say, PR wise, to get people to buy and keep using their AV software.

Basically what they've said is this "Yes Vista is more secure out of the box, but you still need us for the future when hackers update their code to attack it better."

In a way they've just proved what MS has been saying, "Vista is our most secure OS to date." And it's holding true, malware/viruses/trojans can still find their way on your PC, if you don't pay attention to what you're doing and click yes to everything, then that's what happens. But these things, even if they do find their way on your PC, are very limited in what they can do unless you just click YES all the time to UAC etc.

Their job is to make sure people can secure their machines. Are they lying, no. Then there is no FUD here.

It doesn't have to be lies to be FUD; merely exaggerations of problems is enough.
And Symantec is pretty clearly doing that in my eyes to promote their products.