Click here to receive your FREE subscription to Campus Technology
News
Vista Vulnerability Study Puts Microsoft on Defensive
5/15/2008
Microsoft and some independent security researchers had the blogosphere buzzing Wednesday over a series of denunciations after one company claimed that the Vista operating system was more vulnerable to malware and other exploits than previous operating systems.
Late last week, a study by Sydney, Australia-based anti-virus concern PC Tools suggested that although Vista was an improvement over Windows XP in respect to system fortitude, it is more easily encroached upon by malware and other exploits than Windows 2000. PC Tools found that for every 1,000 machines running Vista, 639 suffered from cases of malware in varying degrees. Among machines running Windows 2000, 586 were found compromised; for Windows 2003, 478.
At the root of Microsoft staffer Austin Wilson's refutation of the company's findings is the assertion that the numbers PC Tools used to reach its conclusion don't stem from data with a proper control factor; essentially, the net wasn't cast wide enough to capture the true effect of malware on Vista.
"We study the malware space very carefully and publish our results twice a year in the Security Intelligence Report," Wilson wrote in the Vista security blog. "This report is compiled from statistics on malware infections based on over 450 million executions of the Malicious Software Removal Tool (MSRT). Microsoft is a member of AMTSO (Anti Malware Testing Standards Organization) and its charter includes defining test methodology so that there is a minimum quality bar to all testing of this type."
It wasn't just Microsoft; criticisms of PC Tools' report came from as far away as Eastern Europe in the form of IT pros such as Dennis Kudin, CTO of Ukraine-based Information Security Center Ltd. In a blog post of his own, Kudin wrote, "I think [the study] is a very dangerous delusion. First of all, the difference between 639 and 586 is not big and can be easily explained."
Reached by Redmondmag.com for comment on the issue, Michael Greene, PC Tools' vice president of product strategy, said that it's not enough to just identify the presence of malware on systems and that his company takes a "behavioral approach" to identifying what the real dangers are or could be. He added that it's this type of thinking that prompted the research in the first place.
"Our thing is, don't take our word for law that it's malware," Greene said. "Run your scanners to look at the severity of what's happening. With our findings, what you see is how unique pieces of malware got on these machines in question and the question you ask is, 'How did they get through?' Look, everybody knows that Vista is more secure than XP, but the problem isn't solved."
Recommended Reading
- Moodle Gets SCORM Improvements, Security Fixes
New versions of Moodle have been released, bringing the most recent stable build to 1.9.3. The latest round of updates includes a number of bug fixes and security enhancements, as well as improvements to the SCORM module.
- Free 'Morro' Antivirus To Replace Microsoft OneCare
Microsoft is rolling out a free antivirus software program for consumers that will compete with products made by Symantec and McAfee. Code-named "Morro," the AV app is expected to be available by the end of 2009.
- Microsoft Demos New SQL Server Features at PASS
Microsoft Wednesday previewed the ability to centrally manage applications and resources in the planned upgrade of SQL Server, code-named "Kilimanjaro."
- Microsoft Unveils Exchange and SharePoint as Services
Microsoft exec Stephen Elop on Monday announced two hosted solutions from Microsoft--Exchange Online and SharePoint Online--which are now available to organizations of all sizes in the United States. The software, paid for by annual subscriptions, is hosted on Microsoft's servers and supported by Microsoft's channel partners.
- 6 Ways Not To Become Rote Using Instructional Technology
There are, in my experience, six strategies to consider with any use of technology that will guard against rote use of technology and facilitate critical analysis of teaching and learning effectiveness. In this article, I'll share with you the checklist I work with and encourage others to work with in learning about and using new technology.
- Bringing Student Web "Stuff" to Campus Enterprise Systems
How can an institution incorporate Web 2.0 learning opportunities for students, and evidence of learning from those opportunities, into existing campus technologies and processes? PlugJam is providing part of the answer.
