funsec mailing list archives
RE: Microsoft blames Vista insecurity on thirdparty applications
From: Larry Seltzer <Larry () larryseltzer com>
Date: Wed, 20 Dec 2006 19:28:20 -0500
Here's the quick test: Drop the .exe on the destop and double-click
it. Did you get infected? Then you're not immune. How did you get the executable? That's the point Allchin is making. The usual vector is e-mail and any Microsoft e-mail client for the last 5+ years blocks them by default. (Web mail is very popular now, but all the major ones are AV-scanned.) As Nick pointed out, there are other potential vectors for this malware, open shares and stuff like that. I suspect these are much harder to get through in Vista than in XP, even SP2. It would be interesting to gather a good collection of the vectors actually in use and compare their status in Vista to previous versions. I'll start talking to vendors about it. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.eweek.com/blogs/larry%5Fseltzer/ Contributing Editor, PC Magazine larryseltzer () ziffdavis com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Microsoft blames Vista insecurity on third party applications Fergie (Dec 20)
- RE: Microsoft blames Vista insecurity on third partyapplications Blanchard_Michael (Dec 20)
- Re: Microsoft blames Vista insecurity on third party applications Blue Boar (Dec 20)
- Re: Microsoft blames Vista insecurity on third party applications Brian Loe (Dec 20)
- RE: Microsoft blames Vista insecurity on thirdparty applications Larry Seltzer (Dec 20)
- Re: Microsoft blames Vista insecurity on thirdparty applications Blue Boar (Dec 20)
- RE: Microsoft blames Vista insecurity on thirdparty applications Larry Seltzer (Dec 20)
- Re: Microsoft blames Vista insecurity on thirdparty applications Blue Boar (Dec 20)
- Re: Microsoft blames Vista insecurity on thirdparty applications Nick FitzGerald (Dec 20)
- Re: Microsoft blames Vista insecurity on thirdparty applications Blue Boar (Dec 20)
- RE: Microsoft blames Vista insecurity on thirdparty applications Nick FitzGerald (Dec 20)
- Re: Microsoft blames Vista insecurity on third party applications Brian Loe (Dec 20)
- Re: Microsoft blames Vista insecurity on third party applications Nick FitzGerald (Dec 20)