Posted on 01/26/2007 1:04:18 PM PST by ShadowAce
Users who put their faith in Vista's new security features and Microsoft's Windows Defender antispyware product may find themselves under attack from spyware all the same, according to the results of a study by Webroot, a leading antispyware vendor and Microsoft competitor.
On Thursday, the company released the results of what it claimed was a two-week study of Windows Defender that showed the product missed 84 percent of a sample set of 25 spyware and malicious code samples. The programs that slipped by were a mix of spyware, Trojan horse programs, and keyloggers. While many were not Vista compatible and simply crashed, others were able to install on Vista systems, said Gerhard Eschelbeck, Chief Technology Officer at Webroot.
Eschelbeck identified variants of common malware programs like DollarRevenue Trojan, PeperTrojan, and Playboydialler that made it by Windows Defender. Some of the variants were recently released, though others dated back to 2006, he said. Of the four programs Windows Defender did stop, most were non-malicious adware, he added.
"We wanted to validate the strong claims out of the industry that Vista was going to be a security solution for everybody and everything," Eschelbeck said.
Webroot picked the malicious code samples from tens of thousands of samples collected on its Phileas spyware scanning network. Webroot's Spy Sweeper product spotted all of the samples.
When asked, Eschelbeck acknowledged that 25 samples was a tiny fraction of Webroot's database of tens of thousands of malicious code samples. He also acknowledged that it may be possible for Microsoft or other competitors to pick samples of malicious code that would evade Webroot's Spy Sweeper product, given advanced knowledge of how Spy Sweeper's detection features worked.
"Nothing's impossible," Eschelbeck said.
A Microsoft representative challenged the study’s finding, saying the company was confident in Windows Defender's ability "to make the user’s computing experience a safer one."
The company also noted that Vista was "the most secure version of Windows to date" and that the operating system, "includes fundamental architectural changes that will help make customers more secure from evolving threats, including worms, viruses, and malware.
“These improvements minimize the operating system’s attack surface area, which in turn improves system and application integrity and helps organizations more securely manage and isolate their networks."
Eschelbeck said the purpose of the study wasn't to make invidious comparisons between the two products, but to raise questions about the detection capabilities and management of the Windows Defender product as Microsoft expands its profile as an enterprise and consumer security software vendor. "It's important to leave the interpretation up to individuals," he said. "People need to make their own conclusions about it."
Eschelbeck said Microsoft updates Windows Defender's spyware definitions weekly -- far too infrequently for the fast-moving malicious code scene. Eschelbeck also warned that malicious code authors would soon adapt to the architectural changes in Windows Vista that stopped many of the malicious code samples that got past Defender from working.
Microsoft, in its e-mail statement, noted that "no operating system is 100% secure" and that users should employ a defense in depth strategy involving software updates, a firewall, and anti-virus/anti-spyware program, "whether a Microsoft or third party solution."
Webroot, which is venture-funded, was an early pioneer in the antispyware software space and is one of the leading sellers of antispyware software to consumers. However, the company's prospects have been hurt by Microsoft's entry into the desktop and enterprise security business and the company's decision to offer Windows Defender as a free download.
The Webroot study is just the latest in a salvo of company-sponsored studies that seek to undermine the credibility of competing security products.
In September, a Microsoft-sponsored study by 3Sharp compared antiphishing toolbars by Google/Firefox, AOL, EarthLink, Geotrust, McAfee, and others and found the Internet Explorer antiphishing technology the most accurate. The Mozilla Foundation fired back in November with a competing study by SmartWare that found the Firefox antiphishing technology better than that of Internet Explorer. A subsequent independent study by Carnegie Mellon concluded that few of the available anti-phishing products are very reliable.
I use XP and haven't had a shred of spyware in over 4 years. I use no tools and no "blockers".
This is a straight-up hit piece.
If you aren't using any antispyware, how do you know? Run Windows Defender, then Spybot Search & Destroy, then Ad-Aware and see what you find. It takes all three to find everything.
It's a machine so I have a maintenence routine. I do check the registry from time to time for unusual keys and Task Manager to make sure no tasks are running that I didn't install.
Above all, I don't just click on any old thing.
It has been my belief for a long time that some of the companies who make spyware tools are the #1 purveyors of spyware, malware and adware.
This is somehow thread worthy? Looks more like a waste of bandwidth that could otherwise be used for discussing the war in Iraq, which I was attentively reading till I saw this waste of space. If you want to stop spyware turn off 3rd party cookies, you don't need them and that zaps 99+% of it for most users.
"Run Windows Defender, then Spybot Search & Destroy, then Ad-Aware and see what you find."
Hehe. Allow me to elaborate.
I have removed spyware, adware and malware from literally thousands of PCs and notebooks. I have used those tools so many times that I know what to look for without them. I just go look where they would.
As to the thread topic, I would definitely wait awhile before installing Vista, unless you partion off your HD or have an extra computer to use. Microsoft has also extended support for Windows XP Home edition, so there is literally no rush here.
The question I have is, if I buy a new computer after Vista Home is released, can I still install XP on it instead of Vista Bloatware and if so how long do I have before I can no longer buy it?
Gotcha. I just wonder how you manage to go anywhere on the internet without getting something somewhere sometime.
If I buy a new computer, as I probably will need to in the next twelve months, I would like it to come with XP. Which means finding a national supplier (Dell, HP, etc.) who will load it, or I will use a local supplier who will install it for me.
My question is will I even be able to buy a legal copy of XP after Vista consumer version comes out? If so, for how long?
u can ALWAYS get legal software at Ebay. The have gazillions of em around
Setting the bar fairly low eh?
Specifically, 16 percent safer.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.