Re: Microsoft blames Vista insecurity on thirdparty applications

[Blue Boar <BlueBoar () thievco com>]

Thanks for the links to Allchin's blog, I've been looking for it.
Though, I could have guessed MS's take on it without looking.

I found many articles talking about the Sophos and Allchin blog entries,
all of which had no links to them (or I missed them, anyway.)  Is there
some prevailing editorial policy that frowns on linking to blogs?  I
certainly do so when writing my articles for Windows Secrets.

Larry Seltzer wrote:
> No, he's misrepresenting what Jim Allchin, the author of the blog entry
> says. What Allchin says is that while the malware in the study might
> technically execute on Vista it wouldn't, as a practical matter, get
> through to the point of executing because any decent mail client would
> block executable attachments, even in ZIP files, etc.

Yes, the article is taking the fact that one infection vector has been
closed under very narrow circumstances, and claiming that "malware
doesn't run anymore."  That's what I take exception to.  That's the Mac
zealot view of how malware works.

And yet, reading the blog...

"What we found was that if you are using only the software in Windows
Vista (e.g., Windows Mail and no add-on security software), then you are
IMMUNE to all ten of the malware threats that Sophos cited."

(CAPS emphasis mine.)

I wonder where the article author got hist misguided idea?

Here's the quick test:  Drop the .exe on the destop and double-click it.
 Did you get infected?  Then you're not immune.

                                        Ryan
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.