Former captain of the Enterprise
Guys what have I been telling you all along.. Vista will have MORE attacks
than XP ever had... because... JUST BECAUSE everything about Vista is
arrogant... and hackers smack down arrogance, because... JUST BECAUSE Vista
claims that it is more secure, that is a challenge to them to prove how
crappy Vista really is.. We all saw what happened with the cursor exploit
thing, making Vista explorer crash again and again... did you see the
YouTube video???
What a fiasco... Vista secure? I don't think so......
http://keznews.com/2752_Russinovich:_Malware_will_thrive,_even_with_Vista?s_UAC
Despite all the anti-malware roadblocks built into Windows Vista, a senior
Microsoft official is lowering the security expectations, warning that
viruses, password-stealing Trojans and rootkits will continue to thrive as
malware authors adapt to the new operating system.
Mark Russinovich, technical fellow in Microsoft's Platform and
Services Division, used the spotlight of the CanSecWest security conference
in Vancouver to discuss the implementation of UAC (User Account Control) in
Windows Vista and made it clear that the feature is not meant to be a
security barrier.
"It's a best effort to raise the bar and stop malware from making changes to
the operating system but it's not a security boundary," Russinovich said of
UAC, the oft-criticized mechanism that requires that all users run without
full admin rights.
In a straightforward assessment of the threat landscape in a Vista world,
Russinovich described malware authors as ISVs that will code for a standard
user environment.
"There is no guarantee that malware can't hijack the elevation process or
compromise an elevated application," Russinovich said after providing a
blow-by-blow description of how UAC works in tandem with Internet Explorer
(with Protected Mode) to limit the damage from malicious files.
Even in a standard user world, he stressed that malware can still read all
the user's data; can still hide with user-mode rootkits; and can still
control which applications (anti-virus scanners) the user can access.
"We'll see malware developing its own elevation techniques," Russinovich
said. He demonstrated a social engineering attack scenario where a fake
elevation prompt can be used to trick users into clicking "allow" to give
elevated rights to a malicious file.
He predicted a world where malware authors create programs that elevate
rights to jump accounts and disable security or develop general and
application-specific elevation hijacking.
"You will see malware spoofing over-the-shoulder credential prompt and even
launching a medium integrity level process in the administrator's account,"
Russinovich said.
At this level, the malware author has access to all the administrator's data
and can inject itself into the admin's account (e.g. the Runkey) to use
additional elevation techniques.
"The malware author will say, 'I can live in a Vista world without needing
to take over the entire box'. They will end up thriving in the standard user
environment, setting up botnets, grabbing your keystrokes," he declared.
source: blogs.zdnet.com