HolidayBuyer's Guide

Spyware, Viruses, & Security forum

General discussion

NEWS - January 24, 2008

by Donna Buenaventura / January 23, 2008 5:03 PM PST

Windows Vista One Year Vulnerability Report

Windows Vista shipped to business customers on the last day of November 2006, so the end of November 2007 marks the one year anniversary for supported production use of the product.

This paper analyzes the vulnerability disclosures and security updates for the first year of Windows Vista and looks at it in the context of its predecessor, Windows XP, along with other modern workstation operating systems Red Hat, Ubuntu and Apple products.

The results of the analysis show that Windows Vista has an improved security vulnerability profile over its predecessor. Analysis of security updates also shows that Microsoft improvements to the security update process and development process have reduced the impact of security updates to Windows administrators significantly compared to its predecessor, Windows XP.

You can download the paper (in PDF format) at http://blogs.technet.com/security/attachment/2772991.ashx

http://blogs.technet.com/security/archive/2008/01/23/download-windows-vista-one-year-vulnerability-report.aspx

Discussion is locked
You are posting a reply to: NEWS - January 24, 2008
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - January 24, 2008
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Hacked embassy websites found pushing malware
by Donna Buenaventura / January 23, 2008 5:12 PM PST

Add embassy websites to the growing list of hacked internet destinations trying to infect visitor PCs with malware.

Earlier this week, the site for the Netherlands Embassy in Russia was caught serving a script that tried to dupe people into installing software that made their machines part of a botnet, according to Ofer Elzam, director of product management for eSafe, a business unit of Aladdin that blocks malicious web content from its customers' networks. In November the Ministry of Foreign Affairs of Georgia and Ukraine Embassy Web site in Lithuania were found to be launching similar attacks, he says.

All three sites had been hacked to include invisible iframes that initiated a chain of links that ultimately connected to servers hosting malicious code, which was heavily obfuscated to throw off antivirus systems.

http://www.theregister.co.uk/2008/01/23/embassy_sites_serve_malware/

Collapse -
Windows Vista Deemed 'Most Secure'
by Donna Buenaventura / January 23, 2008 5:17 PM PST

A new report from Microsoft bases the claim on the 36 vulnerabilities fixed in Windows Vista during its first year, compared to the 65 found in Windows XP, but analysts remain skeptical.

Windows Vista gets high marks for security, from Microsoft at least.

Eric Schultze, chief technology officer of St. Paul, Minn.-based Shavlik Technologies, considers such metrics to be apples-to-oranges comparisons. "When you start counting vulnerabilities, it's a matter of defining vulnerabilities," he said. "For example, if a bulletin is released for Internet Explorer, that's one patch for IE. Microsoft may have broken it out to say there are five distinct issues fixed in this patch. Is that five vulnerabilities or is that one vulnerability because it's one patch?"

Dave Marcus, security research and communications manager of McAfee Avert Labs, gives Wilson credit for some good points but believes it's still too early to declare victory for Vista. "Wilson put forth a very good argument," he said. "His stats are valid, but I think he fails to take into account that most businesses have not deployed Vista, nor have most consumers."

Complete story at Information Week

Collapse -
Symantec Says More Acquisitions Possible As Company Defends
by Donna Buenaventura / January 23, 2008 6:10 PM PST

Symantec officials discuss the possibility of acquisitions and the defense of the company's turf in the security space after announcing strong third-quarter results.

Symantec officials emerged from the third quarter of fiscal 2008 upbeat about both the possibility of acquisitions and Symantec's place in the security market.

While CEO John Thompson stressed that the company had no big acquisition plans looming, he said Symantec will look to buy companies that fit into its plans around security and data management.

http://www.eweek.com/c/a/Security/Symantec-Says-More-Acquisitions-Possible-As-Company-Defends-Turf/

Collapse -
US-CERT: Keeping Children Safe Online
by Donna Buenaventura / January 23, 2008 6:17 PM PST

Children present unique security risks when they use a computer?not only do you have to keep them safe, you have to protect the data on your computer. By taking some simple steps, you can dramatically reduce the threats.

What can you do?

Be involved
Keep your computer in an open area
Set rules and warn about dangers
Monitor computer activity
Keep lines of communication open
Consider partitioning your computer into separate accounts (If you don't have separate accounts, you need to be especially careful about your security settings.)
Consider implementing parental controls

There are other resources you can use to control and/or monitor your child's online activity. Some ISPs offer services designed to protect children online. Contact your ISP to see if any of these services are available. There are also special software programs you can install on your computer. Different programs offer different features and capabilities, so you can find one that best suits your needs. The following web sites offer lists of software, as well as other useful information about protecting children online:

GetNetWise - http://kids.getnetwise.org
Yahooligans! Parents' Guide - http://yahooligans.yahoo.com/parents/

More at http://www.us-cert.gov/cas/tips/ST05-002.html

Collapse -
Google and eBay thwart phishing redirection ruse
by Donna Buenaventura / January 23, 2008 6:20 PM PST

High-profile websites have cleaned up their act after a small team of security researchers documented how they were unwittingly helping phishing fraudsters.

Phishing scams often use "open redirector" exploits on major sites to make their attack URL look more legitimate. The trick also makes it more likely that fraudulent emails that form the basis of phishing attacks will slip past spam filters.

Typically, security shortcomings on targeted sites allow scammers to furnish links that appear kosher but actually redirect to a fraudulent site.

Previous Register stories have covered examples of the ruse practiced on websites including Barclays Bank, eBay, and others.

A campaign by SiteTruth to name and shame high profile firms that fail to block open redirector exploits is beginning to bear fruit.

http://www.theregister.co.uk/2008/01/23/ebay_thwarts_redirection_ruse/

Collapse -
Best Buy sold infected digital picture frames
by Donna Buenaventura / January 23, 2008 11:15 PM PST

Best Buy Co. has confirmed that, during the holidays, it sold digital picture frames that harbored malicious code able to spread to any connected Windows PC. It is not recalling the frames, however.

What Best Buy called "a limited number" of the 10.4-in. digital frames sold under its in-house Insignia brand were "contaminated with a computer virus during the manufacturing process," according to a notice posted on the Insignia site last weekend. The frame -- which carried the part number NS-DPF10A -- has been discontinued, and all remaining inventory pulled, Best Buy added.

But that didn't happen until after some of infected frames were sold to customers.

http://www.insignia-products.com/news.aspx?showarticle=13
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9058638&taxonomyId=17&intsrc=kc_top

Collapse -
First virus writer arrested in Japan.. for breaching copyrig
by Donna Buenaventura / January 23, 2008 11:18 PM PST

P2P malware displayed anime characters on screen while wiping music and movie files

Experts at SophosLabs?, Sophos's global network of virus, spyware and spam analysis centers, has reminded businesses to defend their networks from malware attack, following the first ever arrest by Japanese authorities of a virus writer.

Police in Kyoto have arrested three men, who are said to have been involved in a plot to infect users of the P2P file-sharing network Winny with a Trojan horse that displayed images of a popular anime characters while wiping music and movie files. The malware, which has been dubbed Harada in media reports, is believed to be related to the Pirlames Trojan horse which Sophos reported intercepting in Japan last year.

According to Japanese media reports, the three men have admitted their involvement in the crime. One of the men is said to have written the malware, while the other two are believed to have distributed the malicious code via Winny.

http://www.sophos.com/pressoffice/news/articles/2008/01/harada.html

Collapse -
Don?t assume WPA2 is more secure than WPA
by Donna Buenaventura / January 23, 2008 11:23 PM PST

AirDefense recently did a Wireless LAN security survey of New York City retailers where they declared two thirds of retailers insecure according to John Cox?s story. According to the AirDefense survey, a third used zero link layer wireless LAN security (explanation of link layer here) and a third used ?weak security?. AirDefense goes on to say that one third was secure using WPA2 which Cox described as a ?quantum improvement? and said that it ?brought 802.1x authentication down to every device?.

The first problem with this report is that AirDefense lumped WPA-PSK in with WEP which is ludicrous since there?s no comparison on the level of security. WPA-PSK if deployed with a reasonably complex password of 10 or more random alphanumeric characters has never been broken whereas WEP can be broken in minutes. The second problem is the implication that only WPA2 brings 802.1x authentication when in fact 802.1x has been used since 2000 with dynamic WEP mode or WPA (AKA 802.11i draft) mode.

WPA2 can just as easily be used in PSK (pre-shared key) authentication mode along with the weaker TKIP encryption mode. WPA can just as easily be used in 802.1x authentication mode along with the strongest AES encryption mode. So in this particular example, WPA can actually be deployed in a stronger authentication and encryption mode than WPA2.

Read more at http://blogs.zdnet.com/security/?p=826

Collapse -
Symantec edges out ZoneAlarm in Security Baseline
by Donna Buenaventura / January 23, 2008 11:42 PM PST

Symantec's security suite has gained more first-place awards from respected test labs than the well-known ZoneAlarm suite, pushing Symantec into the top spot in our WSN Security Baseline.

We publish the baseline and update it whenever our analysis of the recommendations of leading PC publications and Web sites changes.

To see all of the top-rated products, visit the Security Baseline.

http://windowssecrets.com/comp/080124#story1

Collapse -
First ?cyber-war? hacker convicted in Estonia
by Donna Buenaventura / January 24, 2008 2:25 AM PST

In April 2007, moving a Soviet statue from the centre of Tallinn to a suburb sparked anger within the country?s Russian community. They got organised and then requested and received the support of their compatriots. What developed was a form of ?cyber demonstration?. Today, an AFP press release (French Press Agency) announces the first arrest regarding this crisis:

?Dmitri Galushkevich is the first hacker to be sentenced for organising a massive cyber-attack against an Estonian web-page,? Gerrit Maesalu, spokesperson for the regional prosecutor?s office in north-east Estonia, told AFP.

http://www.avertlabs.com/research/blog/index.php/2008/01/24/first-cyber-war-hacker-convicted-in-estonia/

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

HOLIDAY GIFT GUIDE 2017

Cameras that make great holiday gifts

Let them start the new year with a step up in photo and video quality from a phone.