Click here to receive your FREE subscription to Campus Technology
News
Vista Vulnerability Study Puts Microsoft on Defensive
5/15/2008
Microsoft and some independent security researchers had the blogosphere buzzing Wednesday over a series of denunciations after one company claimed that the Vista operating system was more vulnerable to malware and other exploits than previous operating systems.
Late last week, a study by Sydney, Australia-based anti-virus concern PC Tools suggested that although Vista was an improvement over Windows XP in respect to system fortitude, it is more easily encroached upon by malware and other exploits than Windows 2000. PC Tools found that for every 1,000 machines running Vista, 639 suffered from cases of malware in varying degrees. Among machines running Windows 2000, 586 were found compromised; for Windows 2003, 478.
At the root of Microsoft staffer Austin Wilson's refutation of the company's findings is the assertion that the numbers PC Tools used to reach its conclusion don't stem from data with a proper control factor; essentially, the net wasn't cast wide enough to capture the true effect of malware on Vista.
"We study the malware space very carefully and publish our results twice a year in the Security Intelligence Report," Wilson wrote in the Vista security blog. "This report is compiled from statistics on malware infections based on over 450 million executions of the Malicious Software Removal Tool (MSRT). Microsoft is a member of AMTSO (Anti Malware Testing Standards Organization) and its charter includes defining test methodology so that there is a minimum quality bar to all testing of this type."
It wasn't just Microsoft; criticisms of PC Tools' report came from as far away as Eastern Europe in the form of IT pros such as Dennis Kudin, CTO of Ukraine-based Information Security Center Ltd. In a blog post of his own, Kudin wrote, "I think [the study] is a very dangerous delusion. First of all, the difference between 639 and 586 is not big and can be easily explained."
Reached by Redmondmag.com for comment on the issue, Michael Greene, PC Tools' vice president of product strategy, said that it's not enough to just identify the presence of malware on systems and that his company takes a "behavioral approach" to identifying what the real dangers are or could be. He added that it's this type of thinking that prompted the research in the first place.
"Our thing is, don't take our word for law that it's malware," Greene said. "Run your scanners to look at the severity of what's happening. With our findings, what you see is how unique pieces of malware got on these machines in question and the question you ask is, 'How did they get through?' Look, everybody knows that Vista is more secure than XP, but the problem isn't solved."
Recommended Reading
- Tufts Grants Rights for Mileage-Increasing Transportation Technology to Electric Truck
Tufts University has optioned rights to a technology that can recharge the batteries of any hybrid electric and electric-powered vehicle while it is driven. The Tufts-developed technology could increase by 20 percent to 70 percent the miles per gallon or total driving range performance of vehicles like the Honda Civic, Ford Escape, and Toyota Prius hybrids and the Tesla Motors and Phoenix Motorcars electric vehicles.
- U Florida and Cyntellect Collaborate to Unlock Mysteries of Cancer Stem Cells
The University of Florida has entered into a research agreement with life sciences company Cyntellect. The university's Interdisciplinary Center for Biotechnology Research will work with the company to focus on a variety of research areas including the purification and analysis of cancer stem cells (CSCs), rare cells believed to be directly involved in propagating cancers.
- George Mason U Receives Grant To Deploy Intergraph Apps for Intelligence Curriculum
George Mason University (GMU) in Fairfax, VA has been awarded a grant from Intergraph to enable students enrolled in GMU's Geospatial Intelligence Graduate Certificate program to use the company's geospatial production and exploitation software as part of their core curriculum.
- Institute for Cyber Security at U Texas, San Antonio Opens Incubator
The University of Texas at San Antonio (UTSA) Institute for Cyber Security (ICS) has launched a new Internet security incubator. The incubator was developed to commercialize promising technologies that address major cyber security and privacy issues. The first companies to enter the incubator are Denim Labs and SafeMashups.
- ISO/IEC Publishes Office Open XML Standard
ISO/IEC has published the Office Open XML (OOXML) file format standard, formally known as ISO/IEC 29500:2008. It describes file formats originally designed by Microsoft for its Office 2007 productivity suite, which are used in presentation, spreadsheet and word processing applications.
- Dynamics NAV 2009 ERP Coming Next Month
Microsoft exec Kirill Tatarinov Wednesday described some new features to expect in the forthcoming Microsoft Dynamics NAV 2009 enterprise resource planning solution. He gave the keynote address at Microsoft's Convergence 2008 event in Copenhagen, Denmark.
